AI Enablement & Governance - AI Security & Controls Lead

About the Role

The significance of this role cannot be overstated, given the increasing reliance on AI and machine learning models in business operations. The AI Security and Controls Lead plays a key part in ensuring that these technologies are not only effective but also secure and compliant with evolving regulatory standards.

What You Will Do

• Partner directly with AI engineers and developers, information security, and governance teams to define AI-specific security and risk management standards.
• Translate enterprise security principles and risk frameworks into AI-appropriate guidance, covering model access control, abuse prevention, prompt and context security, data leakage, and inference risks.
• Define AI runtime monitoring and incident response expectations aligned with existing incident response playbooks.
• Ensure AI security guidance remains aligned with evolving technology patterns, external expectations, and internal architectures.
• Contribute to the broader AI policy hierarchy by mapping security requirements to AI governance policies, controls, and standards.
• Partner with third-party risk and supplier governance teams to identify AI-specific risks introduced by vendors, models, platforms, and APIs.
• Define AI security control expectations for vendors and managed services, supporting the evaluation of vendor AI security posture.
• Contribute AI-specific input to due diligence and risk assessments for third-party AI solutions.
• Collaborate with various stakeholders to implement and maintain AI security controls, ensuring scalability and effectiveness.
• Develop and maintain documentation of AI security policies, standards, and procedures.

What We Are Looking For

• Strong understanding of AI and machine learning security risks and mitigations.
• Experience in defining and implementing security controls and standards.
• Excellent collaboration and communication skills, with the ability to work effectively across multiple teams.
• Knowledge of information security principles and risk management frameworks.
• Experience with AI engineering, including model development and deployment.
• Familiarity with regulatory requirements related to AI and data privacy.
• Strong analytical and problem-solving skills, with attention to detail.
• Experience working with Excel for data analysis and reporting.
• At least 5 years of experience in a related field, such as information security, AI engineering, or risk management.

Nice to Have

• Certification in information security or a related field.
• Experience with cloud-based AI solutions and their security implications.
• Knowledge of agile development methodologies and their application in AI projects.
• Experience with AI-specific security tools and technologies.

Benefits and Perks

• Comprehensive total rewards package, including health, dental, and vision coverages starting Day One.
• Wellbeing programs, retirement plans with contribution matching, and generous time off.
• Parental leave, continuing education opportunities, and career growth opportunities.
• Flexible working arrangements, with Alight Solutions being a leader in the flexible workspace.
• Opportunity to work with a 'Great Place to Work' awarded company, committed to the well-being and growth of its employees.
• Access to cutting-edge technologies and the chance to contribute to innovative AI solutions.
• Collaborative and dynamic work environment with a team of experienced professionals.

• Be prepared to back your claims: Ensure your resume and cover letter are tailored to the role, highlighting specific experiences where you've defined and implemented AI security standards.
• Understand the business context: Show a deep understanding of how AI is integrated into business operations and the potential risks and benefits associated with its adoption.
• Brush up on Excel skills: Given the emphasis on Excel, make sure you're proficient in using it for data analysis and reporting.
• Showcase your collaboration skills: Highlight instances where you've worked effectively with cross-functional teams, including AI engineers, security professionals, and third-party vendors.
• Stay updated on regulatory requirements: Familiarize yourself with the latest regulatory standards related to AI and data privacy, and be prepared to discuss how you'd ensure compliance in this role.
• Prepare examples of risk management: Come prepared with specific examples of how you've identified, assessed, and mitigated risks in AI projects or similar contexts.
• Emphasize your problem-solving skills: Demonstrate how your analytical and problem-solving skills can be applied to the complex challenges of AI security and risk management.