Manager

Bangalore, Karnataka, India

KPMG India


KPMG Delivery Network (KDN) is seeking a talented DevMLSecOps Manager to lead and implement a holistic approach to developing, securing, and operating our ML systems. You will be pivotal in fostering a culture of security and efficiency throughout the entire ML lifecycle, from data exploration to model deployment and monitoring. This role requires a strong technical foundation in software development, machine learning operations, and security principles, along with team management and collaboration skills.

Key responsibilities include:

Integrated Development and Security for ML Systems:
  • Define and implement DevMLSecOps best practices, integrating security seamlessly into the ML development lifecycle.
  • Establish secure coding standards and guidelines specific to machine learning pipelines and model development.
  • Design and implement secure and automated CI/CD pipelines for ML models, incorporating security gates and testing at each stage.
  • Collaborate with Data Scientists and ML Engineers to build secure and robust ML applications and services.
Secure ML Infrastructure and Deployment:
  • Architect and maintain secure and scalable infrastructure for training, deploying, and monitoring machine learning models, leveraging cloud platforms (e.g., AWS, Azure, GCP) and containerization technologies (e.g., Docker, Kubernetes).
  • Implement robust security controls for ML components.
  • Ensure secure deployment and management of ML models in production environments, including access control, monitoring, and logging.
ML Security and Vulnerability Management:
  • Lead threat modeling activities specific to machine learning systems, identifying unique security risks and attack vectors.
  • Implement and manage vulnerability scanning and security testing tools tailored for ML components and infrastructure.
  • Establish processes for secure data handling throughout the ML lifecycle, including data encryption, anonymization, and access controls.
  • Stay current on the latest research and trends in adversarial machine learning and defense mechanisms.
Automation, Monitoring, and Incident Response for ML Security:
  • Drive the automation of security tasks within the ML pipeline and infrastructure.
  • Implement comprehensive monitoring and logging for ML systems, including performance metrics, security events, and anomaly detection.
  • Develop and maintain incident response plans specifically for security incidents affecting ML systems.
  • Establish key security metrics and dashboards to track the security posture of ML operations.
Collaboration, Governance, and Team Enablement:
  • Collaborate closely with data scientists, developers, DevOps, and Security teams to foster a security-first mindset.
  • Define and enforce security policies and governance frameworks specific to machine learning.
  • Drive security training and awareness programs for the AI and development teams on ML-specific security considerations.
  • Evaluate and recommend security tools and technologies relevant to DevMLSecOps.

Educational qualifications

  • Bachelor’s or Master’s degree in Computer Science, Information Security, Machine Learning, or a related field.
  • Relevant security certifications (e.g., CISSP, CCSK, cloud security certifications) are a plus.

Work experience

  • 8+ years of experience in ML development, DevOps, machine learning operations, and security engineering roles.
  • Strong understanding of MLOps security, AI adversarial threats, model poisoning, data exfiltration, and AI risk frameworks.
  • Hands-on experience with AI security tools (e.g., ModelScan, RobustML, Microsoft Purview, IBM AI OpenScale).
  • Experience securing ML pipelines, LLMs, and AI APIs.
  • Deep knowledge of cryptographic techniques for AI security (homomorphic encryption, secure multi-party computation, differential privacy, etc.).
  • Familiarity with secure AI coding practices (e.g., Python, TensorFlow, PyTorch, LangChain security best practices).

Skills

  • Strong proficiency in either Azure or GCP and its security services.
  • Hands-on experience with containerization and orchestration technologies (Docker, Kubernetes) and their security best practices.
  • Expertise in implementing and managing CI/CD pipelines, with a focus on integrating security testing and validation.
  • Experience with security tools and technologies relevant to cloud security, application security, and infrastructure security.
  • Scripting and automation skills (e.g., Python, Bash) are essential.
  • Knowledge of data security and privacy regulations (e.g., GDPR, CCPA).

Category: Leadership Jobs

Tags: APIs Application security Automation AWS Azure Bash CCPA CCSK CI/CD CISSP Cloud Computer Science DevOps Docker Encryption GCP GDPR Governance Incident response Kubernetes LLMs Machine Learning Monitoring Privacy Python Scripting Vulnerability management

Perks/benefits: Team events

Region: Asia/Pacific
Country: India
