AI Analyst – Security & Governance

Job Title

AI Analyst – Security & Governance

Role Summary

The AI Analyst – Security & Governance supports the secure, responsible, and compliant use of artificial intelligence across the enterprise. This role focuses on AI risk analysis, security control validation, governance reporting, and regulatory readiness, partnering closely with Security, GRC, Legal, Privacy, IT, and Product teams to ensure AI systems are used safely, transparently, and in alignment with enterprise AI governance policies and evolving regulations.

The role acts as a hands‑on analyst and force multiplier, translating AI governance requirements into practical analysis, monitoring, metrics, and decision support for leadership.

Key Responsibilities

AI Security & Risk Analysis

• Assess AI systems, tools, and use cases for security, privacy, data protection, IP, and misuse risks, including generative and traditional AI.
• Support AI risk classification, intake reviews, and control validation aligned to enterprise AI governance frameworks.
• Monitor risks related to data leakage, prompt misuse, model drift, third‑party AI exposure, and unauthorized AI usage (AI Shadow IT).
• Partner with Security Operations to support AI‑related incident analysis, reporting, and lessons‑learned activities.

AI Governance & Compliance

• Support execution of the enterprise AI Governance Policy, including tracking compliance, approvals, and exceptions.
• Assist with regulatory readiness (e.g., AI regulations, data protection laws), translating requirements into governance artifacts, tracking, and evidence.
• Maintain AI inventories, risk registers, metrics, and dashboards to support audit and leadership reporting.
• Help operationalize security‑by‑design and privacy‑by‑design principles across the AI lifecycle.

Monitoring, Metrics & Reporting

• Analyze AI usage data, monitoring signals, and security controls to identify trends, gaps, and emerging risks.
• Develop executive‑ready insights and summaries for leadership, risk committees, and audit reviews.
• Track governance KPIs such as AI coverage, risk posture, control adoption, policy compliance, and remediation progress.
• Support continuous improvement by identifying recurring issues and recommending governance enhancements.

Cross‑Functional Partnership

• Partner with Legal, Privacy, IT, Product Security, Procurement, and OpCo teams to evaluate AI tools, vendors, and use cases.
• Support education and awareness efforts by translating governance requirements into clear guidance for business and technical teams.
• Contribute to standard work, playbooks, and templates supporting AI governance at scale.

Required Qualifications

• Bachelor’s degree in Information Security, Data Analytics, Computer Science, Risk Management, or a related field.
• 3–5+ years of experience in security analysis, risk management, governance, compliance, or technology assurance.
• Working knowledge of AI concepts, including generative AI, model training/inference, data usage, and AI‑enabled tools.
• Experience assessing or supporting controls related to data protection, access management, third‑party risk, and secure development.
• Strong analytical skills with the ability to synthesize complex technical topics into clear, executive‑ready insights.

Preferred Qualifications

• Experience supporting AI governance, product security, privacy engineering, or secure development lifecycle (SDL).
• Familiarity with emerging AI regulations and responsible/ethical AI principles.
• Experience with governance tooling, dashboards, or security monitoring platforms.
• Background in GRC, audit support, or enterprise risk management.
• Ability to work effectively across global, matrixed organizations.

Core Competencies

• Analytical thinking and attention to detail
• Clear, concise communication
• Risk‑based decision making
• Cross‑functional collaboration
• Continuous improvement mindset

Outcomes of Success

• Improved visibility into AI usage, risks, and controls across the enterprise
• Consistent, defensible AI governance and security posture
• Clear, actionable insights for leadership and audit stakeholders
• Scalable governance that enables innovation while managing risk