AI Cybersecurity Governance & Model Risk Specialist-EU AI Act and CBUAE AI

We have an urgent requirement for AI Cyber security Governance & Model Risk Specialist (EU AI Act and CBUAE AI principles) with experience in banking domain is required for our banking clients in Abu Dhabi, UAE.

We are seeking an AI Governance & Model Risk Specialist to lead the development and enforcement of responsible AI practices across the bank. This role will ensure our use of AI/ML, including Generative AI, aligns with regulatory requirements such as the EU AI Act and CBUAE AI Principles, while managing cyber risks associated with AI infrastructure. The specialist will bridge regulatory compliance, model risk, and cybersecurity to enable safe and ethical AI adoption.

• Design, implement, and enforce enterprise AI governance frameworks aligned with the EU AI Act, CBUAE AI Principles, and internal policies. Define roles, controls, and approval workflows for AI system development and deployment.
• Establish model risk management policies and standards specific to Generative AI use cases in banking. Partner with Data Science, Risk, and Compliance teams to assess model design, data lineage, bias, explainability, and performance monitoring.
• Conduct cyber threat and risk assessments for AI/ML platforms, LLMs, data pipelines, and model deployment environments. Identify risks related to data poisoning, prompt injection, model theft, and supply chain vulnerabilities.
• Ensure AI initiatives comply with applicable regulatory requirements and internal risk management processes. Prepare risk assessments, impact analyses, and board-level reporting on AI risk posture and compliance status.
• Develop standards, procedures, and guardrails for ethical AI use, third‑party AI adoption, and AI lifecycle management. Drive training and awareness programs for business and technical teams.
• Act as subject matter expert advising CISO, CRO, Data Office, and business units on AI risks, controls, and emerging regulatory expectations. Support new product risk assessments involving AI.

• 10+ years in technology risk, model risk management, AI governance, or cybersecurity with exposure to AI/ML systems.
• Strong understanding of EU AI Act, CBUAE AI Principles, and model risk frameworks such as SR 11‑7 or ECB TRIM.
• Familiarity with AI/ML lifecycle, LLM risks, MLOps pipelines, and common attack vectors against AI systems.
• Experience conducting technology risk assessments, control testing, or model validations in a regulated financial institution.
• Ability to translate complex AI/regulatory concepts into clear policies and executive briefings for senior management and risk committees.
• Governance, EU AI, CBUAE, AI cybersecurity skills.

• CISSP
• CISM
• ISO/IEC 42001 Lead Implementer (AI Management System)