Apply now »
City:  MADRID

 

 

 

 

 

AI Security Manager

22 May 2026
Job ID:  106102
Country:  Poland
Professional area:  Information Technology
Contract type:  Permanent
Professional level:  Experienced
Location: 

MADRID, ES, 28046

 

 

At JTI we celebrate differences, and everyone truly belongs. 46,000 people from all over the world are continuously building their unique success story with us. 83% of employees feel happy working at JTI.

 

To make a difference with us, all you need to do is bring your human best.

 

What will your story be? Apply now!  

Learn more: jti.com

 

 

Please apply by 4th of June

Department: Information Security & Risk Management 

Position: AI Security Manager

Location: Madrid, Spain
Contract Type: Local, Permanent

                 

                                                      AI Security Manager

 

Purpose:

 

The AI Security Manager is responsible for ensuring that all AI systems are secure, resilient, and compliant with regulatory and internal risk standards. The role establishes and enforces controls across the AI lifecycle to prevent misuse, protect data and model integrity, and manage emerging AI-specific risks.
Acting as the bridge between security, risk, and AI & Innovation teams, the AI Security Manager ensures that AI capabilities are deployed safely, monitored effectively, and governed in line with enterprise risk appetite. This includes embedding security into design, maintaining oversight of AI-related threats, and ensuring readiness to respond to incidents that impact AI systems or their outputs 

Responsibilities :

 

  1. Governance, Risk & Compliance
    Define AI security policies aligned with standards such as NIST AI Risk Management Framework and ISO guidelines
    • Conduct AI risk assessments, including ethical, legal, and privacy considerations
    Ensure compliance with evolving regulations (e.g., EU AI Act, data protection laws)
    Maintain audit trails and documentation for AI system decisions and controls
  2. AI Security Architecture & Controls
    • Define and implement security controls across the AI/ML lifecycle (data ingestion, model training, deployment, and inference).
    • Partner with AI and Innovation engineers to embed secure-by-design principles (e.g., model hardening, secure APIs, access
    controls)
    • Evaluate and mitigate risks such as model inversion, data poisoning, and adversarial attacks.
    • Establish secure AI/ MLOps practices, including model versioning, integrity validation, and pipeline security
  3.  Threat & Vulnerability Management for AI Systems
    Develop threat models specific to AI systems, including LLMs, recommendation engines, and predictive models.
    Continuously assess vulnerabilities in models, datasets, and dependencies
    Lead red-teaming exercises focused on adversarial AI and abuse scenarios (prompt injection, model extraction).
    Monitor emerging AI-specific threats and incorporate them into security posture

Requirements :

 

  • Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Security, Data Science, or a
    related discipline
    Advanced certifications in security or risk management are preferred (e.g., CISSP, CISM, CRISC)
    Additional exposure to AI/ML (formal coursework or certifications) is highly desirable
  • 7–10+ years of experience in cybersecurity, information security, or technology risk management.
    Proven experience in governance, risk, and compliance (GRC) and/or security architecture roles
    Hands-on exposure to AI/ML systems, data platforms, or advanced analytics environments
    Experience implementing or aligning with security frameworks (e.g., NIST, ISO 27001).
    Demonstrated involvement in incident response, threat modeling, or resilience planning.
    Experience working cross-functionally with technology, engineering, data science, and legal/compliance teams 
  • Fluent English written & spoken 
  • Strong understanding of AI/ML concepts, including the full model lifecycle and MLOps practices, alongside
    knowledge of AI-specific threats such as adversarial attacks, prompt injection, and model leakage. Familiar with
    cloud security, APIs, and data protection in distributed environments
    • Able to design and implement risk-based control frameworks for emerging technologies, with experience
    conducting risk assessments and translating technical risks into clear business impact, and a solid grasp of the
    regulatory landscape affecting AI and data usage
    • Capable of integrating AI systems into enterprise resilience and incident response frameworks, including defining
    monitoring, alerting, and response mechanisms for complex environments
    • Strong stakeholder management across technical and non-technical teams, with the ability to challenge
    constructively and enforce standards where needed, combined with clear communication skills to articulate risk,
    trade-offs, and control effectiveness 

 

Are you ready to join us? Build your success story at JTI. Apply now!

Next Steps:

 

After applying, if selected, please anticipate the following within 1-3 weeks of the job posting closure: Phone screening with Talent Advisor > Assessment tests > Interviews > Offer. Each step is eliminatory and may vary by role type.

 

At JTI, we strive to create a diverse and inclusive work environment. As an equal-opportunity employer, we welcome applicants from all backgrounds. If you need any specific support, alternative formats, or have other access requirements, please let us know.

 

 
Hide Element Example
Back to search results

Apply now »