This role involves building and leading the information security function at Nurix AI. The company is experiencing rapid growth and requires a seasoned expert to establish a world-class security posture. The role focuses on addressing the unique security challenges of AI, LLMs, and multi-cloud infrastructure, ensuring innovative solutions are secure by design.

Responsibilities :

- Security Strategy and Architecture: Design and implement a comprehensive information security strategy, with a focus on AI/ML workloads, LLMs, conversational AI, and multi-cloud infrastructure (AWS, GCP, Azure).

- Threat Management and Incident Response: Establish threat detection, vulnerability management, and incident response capabilities.

- AI and LLM Security: Implement security best practices for the AI/ML development lifecycle, including data security, model integrity, and adversarial attack mitigation for LLMs.

- Cloud Security Governance: Develop and enforce security controls across multi-cloud environments.

- DevSecOps Leadership: Embed security best practices throughout the SDLC and CI/CD pipelines.

- Policy, Compliance, and Risk Management: Develop and enforce security policies aligned with international standards and data protection laws. Conduct risk assessments on internal systems, vendors, and AI solutions.

- Security Operations and Tooling: Oversee the use of security tools (SIEM, EDR, vulnerability scanners).

- Security Awareness and Culture: Drive a culture of security awareness.

- Customer Trust and Advocacy: Serve as a security subject matter expert.

- Vendor Management: (Requires significant experience) Understanding of Global Compliance.

Requirements :

- Bachelor's degree in Computer Science, Cybersecurity, or related field.

- 6-10 years of experience in Information Security, with a focus on cloud environments and complex software systems.

- Deep expertise in AI/ML security, including risks associated with LLMs, data pipelines, and conversational AI.

- Proven experience in designing and managing security in multi-cloud environments (AWS, GCP, Azure).

- Hands-on experience with security tools (SIEM, EDR, vulnerability scanning).

- Understanding of securing APIs, containers, microservices, and CI/CD pipelines.

- Knowledge of security frameworks and standards (OWASP, MITRE ATT and CK, ISO 27001 SOC 2).

- Experience in developing security policies, conducting risk assessments, and managing incident response.

- Excellent communication, leadership, and project management skills.

Preferred Skills (Bonus Points) :

- Master's degree in Cybersecurity or related field.

- Security certifications (CISSP, CISM, CCSP, CEH, CompTIA Security+, cloud security certifications).

- Experience in a rapidly scaling technology startup.

- Strong knowledge of global and Indian data privacy frameworks (GDPR, HIPAA, DPDP Act).

- Experience building a security function from the ground up.