Security and Privacy Expert

We are seeking a highly experienced Security and Privacy Expert to support an AI-driven tool development team. This role focuses on providing deep knowledge and expertise in information security and privacy, acting as a subject matter expert, advisor, and sparring partner for the team responsible for delivering the solution. The primary objective is to ensure timely, structured, and pragmatic attention to security and privacy aspects, identifying and addressing risks effectively. The expert will guide the development team in making informed decisions, ensuring that security and privacy principles are integral to the design process and decision-making, leveraging their expertise in conjunction with their understanding of the defense organization. Familiarity with defense standards and the ability to quickly assimilate the organization's goals and context is essential. The expert will understand the operational dynamics, stakeholder interests, and decision-making processes within the organization. Key responsibilities include: - Providing security and privacy expertise within the development team. - Advising on security-by-design and privacy-by-design principles without direct development involvement. - Monitoring the security requirements program. - Identifying and clarifying security and privacy risks in architectural and design choices. - Reviewing and assessing documents/products from suppliers and law enforcement. - Preparing Data Protection Impact Assessments (DPIAs), threat analyses, and risk assessments. - Translating relevant legislation (e.g., GDPR, AI Act, BIO) into actionable guidelines for the development team. - Evaluating infrastructural considerations against architecture and future readiness. - Acting as a bridge between technical, policy, legal, and management domains. - Providing both solicited and unsolicited advice.