As advanced technologies such as machine learning and artificial intelligence systems are added to the enterprise portfolio, the machine learning analyst is responsible for researching, understanding and characterizing risks and controls in these advanced systems.
The analyst will help design and participate in enterprise-wide governance activities around the orderly analysis, supervision, maintenance and control of machine learning technologies, and will actively participate and keep abreast of cutting edge research into strengths, weaknesses and concerns associated with machine learning technology.
The ideal candidate combines subject matter expertise in machine intelligence with a deep appreciation for financial industry products and services, and will explain to senior leadership as well as technical personnel not just what can go wrong but what it means to the business, its customers and shareholders.
Contribute to the development of enterprise application security objectives and metrics
Subject matter expertise in artificial intelligence / machine learning topics
Apply and interpret application security objectives in context of designated platforms
Identify, champion, and supervise the implementation of defensive controls, methods and processes within Bank applications
Pro-actively engage stakeholders, including development managers, developers, architects, and governance bodies in the Bank to achieve security objectives
Deliver multiple technology projects across multiple teams
Regularly interact with senior technology and business management, requiring the ability to explain complex statistical and technical matters in a way both technical and non-technical personnel can understand
Manage business partner relationships to deliver a seamless and responsive workflow
Collaboratively develop technical architectures, processes and procedures pursuant to application security objectives together with business and technical partners
Deliver training and collaborate with internal and approved external knowledge-sharing bodies
Develop processes and procedures to advance application security objectives, suitable for adoption throughout the Bank
Contribute to and interpret enterprise policies, standards, and baselines and mentor personnel with less experience or knowledge of the same
Expert knowledge of one or more artificial intelligence technologies, such as neural networks, clustering systems, prediction systems, and supervised learning systems
Exposure to application security testing techniques
Working knowledge of the Python programming language and basic proficiency using software development tooling.
Familiarity with at least one domain specific language, such as R, SQL, Matlab, VBE, Make, Bash, Powershell
Able to work with data using tools in the Hadoop ecosystem and traditional relational databases. Experience with Apache Impala, Apache Spark, and Python libraries like pandas is a plus.
Understanding of statistics principles and business applications of statistics principles
Experience with business planning, governance and management of application development or application security functions at a systemically important financial institution
Ability to write policies, standards and baselines around application security and associated topics
Required Experience Level:
5+ years of progressive experience in application security and / or software development, at least 2 years of experience in machine learning
Bachelor’s degree or higher in CS, IT, a related technical or engineering field
Experience working in the financial sector
CISSP or similar professional certification, or commensurate experience
Experience with adversarial testing of machine learning algorithms / systems
Knowledge of at least one application security testing methodology or approach, including formal methods, system level security, SAST / DAST, threat modeling, ethical hacking and crowd-sourcing
Technical writing skills
Public speaking skills
Cyber security experience at a systemically important financial institution
Experience working at a bank, credit union, money services business, or similar
Experience with online collaboration tools and technologies such as Sharepoint, Slack, HipChat, video conferencing
Familiarity with tools like IDEs, Pipenv, conda, and git
Able to read and write software in at least one additional programming language such as C, C++, .Net, Java
Experience with source control, agile development, bug tracking, build automation, and change control platforms (e.g., devops)
Understanding of contemporary networking technologies, e.g., TCP/IP, routing, subnetworking, firewalls, VPN and DMZ
Knowledge of one or more contemporary endpoint architectures, including Mac, Windows (workstation and/or server), Linux, iOS, Android, mainframe
Knowledge of NIST 800 series, FIPS standards, ISO 27000 series, CSA and related standards