Absa Group

Empowering Africa’s tomorrow, together…one story at a time.

Job Summary

To develop a functional risk and securities operating model and framework in a broadly defined business functional strategy; enabling horizontal alignment, implementation and adoption.

Job Description

Role Purpose

The Head of AI Security is responsible for protecting the Absa’s artificial intelligence systems, machine learning platforms, and generative AI capabilities from cyber threats, adversarial manipulation, data compromise, and misuse. The Head of AI Security will ensure that all AI systems are secure by design and resilient to adversarial attacks. The Head of AI Security ensures that AI platforms, models, and data pipelines are treated as critical digital infrastructure and protected accordingly. The role ensures that AI innovation occurs within a secure and resilient operating environment.

Key Responsibilities

1. AI Security Strategy & Architecture:

Define and implement the enterprise AI security strategy aligned with the Absa’s cybersecurity reference architecture and NIST principles.

Responsibilities:

• Develop the AI Security Framework for the enterprise

• Define secure architecture standards for AI platforms and ML systems

• Embed security-by-design across the AI lifecycle

• Align AI platforms with:

  • Zero Trust architecture

  • Cloud security frameworks

  • Secure SDLC

  • Enterprise IAM and access control

  • Enterprise Detection and Response controls

2. Adversarial Machine Learning Defence

AI systems are vulnerable to attacks that traditional security controls may not be able to detect or prevent.

• The Head of AI Security must implement defences against:

  • Model poisoning

  • Training data tampering

  • Adversarial inputs

  • AI API exploitation

  • Prompt injection (Generative AI)

  • Data exfiltration through AI models

Responsibilities:

• Establish AI threat modelling frameworks

• Implement adversarial robustness testing

• Introduce AI red teaming exercises

• Define secure model deployment controls

• Monitor models for abnormal behaviour and manipulation

3. Secure AI Development & MLOps

Ensure that AI systems are developed and deployed within a secure MLOps environment.

Responsibilities:

• Define Secure MLOps standards

• Integrate security testing into the ML lifecycle

• Protect training datasets

• Secure model registries and model artifact storage

• Ensure AI pipelines enforce authentication and authorization controls

• Implement automated security scanning for ML components.

4. Generative AI & LLM Security

Generative AI introduces significant enterprise risk if not properly governed.

• The Head of AI Security must implement controls to protect the organization from:

• Prompt injection

• Data leakage via prompts

• Sensitive data exposure through outputs

• Unauthorized model usage

• Abuse of AI capabilities

Responsibilities:

• Implement prompt filtering and prompt security policies

• Deploy input/output monitoring and content filtering

• Establish strict access control for generative AI tools

• Monitor generative AI activity and logs

• Define LLM security architecture standards

 

5. AI Data Security & Privacy Protection

• AI systems rely on large-scale data processing.

• The Head of AI Security must ensure:

• Patterns for secure ingestion of training data

• Patterns for Protection of sensitive financial and customer data

• Protection against training data leakage

6. AI Security Monitoring & Detection

AI systems must be continuously monitored for abuse or compromise.

Responsibilities:

• Implement AI security monitoring capabilities

• Integrate AI systems into enterprise SIEM/SOC monitoring

7. AI Incident Response

AI security incidents require specialized response procedures.

Responsibilities:

• Integrate AI threats into cyber incident response playbooks

• Define containment procedures for compromised models

• Establish forensic capabilities for AI systems

• Conduct post-incident model integrity verification

 

Required Experience

• 10–15 years in cybersecurity, AI, or platform security

• Qualifications in Mathematics and/or Computer Science, Masters Degree would be an added advantage

• Experience securing cloud-based AI platforms

• Exposure to machine learning or advanced analytics environments

• Experience implementing secure development frameworks

Education

Bachelor`s Degrees and Advanced Diplomas: Business, Commerce and Management Studies (Required)

Absa Bank Limited is an equal opportunity, affirmative action employer. In compliance with the Employment Equity Act 55 of 1998, preference will be given to suitable candidates from designated groups whose appointments will contribute towards achievement of equitable demographic representation of our workforce profile and add to the diversity of the Bank.

Absa Bank Limited reserves the right not to make an appointment to the post as advertised

Empowering Africa’s tomorrow, together…one story at a time.

With over 100 years of rich history and strongly positioned as a local bank with regional and international expertise, a career with our family offers the opportunity to be part of this exciting growth journey, to reset our future and shape our destiny as a proudly African group.

Job Summary

As an Analyst within the team, the expectation will be to perform and review model validations in accordance with the model risk policy, take on a team/project lead role and be accountable for the delivery of work by junior members of the team.

Within validation the incumbent will conduct validations on a diverse range of AGL models, produce validation reports, negotiate the findings & actions with internal and external stakeholders and influence the continuous improvement of model quality & use. These areas make use of a wide range of models (Regulatory Capital, Economic Capital, impairments, pricing, behavioural, application, stress-testing, valuation, derivatives, insurance risk, etc.) and cover products used across all of AGLs business units.

This role is ideal for a candidate that wants to develop multi-dimensional skillset, is looking for a role that provides great visibility within the firm and wants to be in a position that will promote big-picture strategic thinking.

Job Description

Accountability: Model validation/monitoring (75%)

·    Execute validation/monitoring of models assigned to you by following each step in accordance to the IVU process. Specifically, ensure that all information required for the validation/monitoring is available on time, as received from Model Owner (MO) and/or Model Development (MD).

·    Ensure submission and completion milestones have been communicated to relevant stakeholders for the models assigned to you.

·    Complete assigned models on time according to the IVU planning schedule.

·    Use agreed templates and tools.

·    Validate/monitor models in accordance to internal and external requirements (e.g. as set out in the Group Model Risk Policy - GMRP and associated standards, Basel regulations, Prudential Authority - PA regulations long-forms, IFRS9, etc.).

·    Produce a report requiring minimum corrections as part of senior analyst / management review.

·    Document model recommendations/findings and relevance thereof to model use. Agree resolution actions and resolution timelines with affected counterparties and document these in the report.

·    Ensure that all findings that are resolved are evidenced and that you have checked and recorded as such.

 

Accountability: Management of Stakeholder Relationships (10%)

·    Develop a professional relationship with all stakeholders. These include, but are not limited to, model owners, model developers, and audit.

·    Good communication of model findings to all stakeholders.

·    Either address (where able and competent) or escalate material concerns or bottlenecks to line manager (or relevant stakeholder) as early as possible to enable actions to be taken pre-emptively.

·    On an ongoing basis, interact with internal stakeholders (e.g. model developers, IVU colleagues, model owners, model implementation, business representatives, etc.) to ensure common understanding of findings and concepts.

 

Accountability: Development of Technical and Product Knowledge (15%)

·    Develop own technical knowledge, regulatory/policy knowledge and softer skills independently from scheduled team training.

·    Exposure to diverse range of models across different business areas.

·    Identify and escalate any conceptual or big picture risks (incl. changes to the regulatory landscape) in respect of IVU and AGL.

·    Strive to receive regular 360 feedback to facilitate sight of blind spots and develop oneself.

·    Attend and actively participate in citizenship/training events.

·    Ensure simple administrative issues are addressed adequately and within agreed timelines - such as performance review process, completion of assigned training etc.

Education

Bachelor`s Degrees and Advanced Diplomas: Physical, Mathematical, Computer and Life Sciences (Required)

Absa Bank Limited is an equal opportunity, affirmative action employer. In compliance with the Employment Equity Act 55 of 1998, preference will be given to suitable candidates from designated groups whose appointments will contribute towards achievement of equitable demographic representation of our workforce profile and add to the diversity of the Bank.

Absa Bank Limited reserves the right not to make an appointment to the post as advertised