AI Analyst – Security & Governance

Job Title

AI Analyst Security & Governance

Role Summary

The AI Analyst Security & Governance supports the secure responsible and compliant use of artificial intelligence across the enterprise. This role focuses on AI risk analysis security control validation governance reporting and regulatory readiness partnering closely with Security GRC Legal Privacy IT and Product teams to ensure AI systems are used safely transparently and in alignment with enterprise AI governance policies and evolving regulations.

The role acts as a handson analyst and force multiplier translating AI governance requirements into practical analysis monitoring metrics and decision support for leadership.

Key Responsibilities

AI Security & Risk Analysis

• Assess AI systems tools and use cases for security privacy data protection IP and misuse risks including generative and traditional AI.
• Support AI risk classification intake reviews and control validation aligned to enterprise AI governance frameworks.
• Monitor risks related to data leakage prompt misuse model drift thirdparty AI exposure and unauthorized AI usage (AI Shadow IT).
• Partner with Security Operations to support AIrelated incident analysis reporting and lessonslearned activities.

AI Governance & Compliance

• Support execution of the enterprise AI Governance Policy including tracking compliance approvals and exceptions.
• Assist with regulatory readiness (e.g. AI regulations data protection laws) translating requirements into governance artifacts tracking and evidence.
• Maintain AI inventories risk registers metrics and dashboards to support audit and leadership reporting.
• Help operationalize securitybydesign and privacybydesign principles across the AI lifecycle.

Monitoring Metrics & Reporting

• Analyze AI usage data monitoring signals and security controls to identify trends gaps and emerging risks.
• Develop executiveready insights and summaries for leadership risk committees and audit reviews.
• Track governance KPIs such as AI coverage risk posture control adoption policy compliance and remediation progress.
• Support continuous improvement by identifying recurring issues and recommending governance enhancements.

CrossFunctional Partnership

• Partner with Legal Privacy IT Product Security Procurement and OpCo teams to evaluate AI tools vendors and use cases.
• Support education and awareness efforts by translating governance requirements into clear guidance for business and technical teams.
• Contribute to standard work playbooks and templates supporting AI governance at scale.

Required Qualifications

• Bachelors degree in Information Security Data Analytics Computer Science Risk Management or a related field.
• 35 years of experience in security analysis risk management governance compliance or technology assurance.
• Working knowledge of AI concepts including generative AI model training/inference data usage and AIenabled tools.
• Experience assessing or supporting controls related to data protection access management thirdparty risk and secure development.
• Strong analytical skills with the ability to synthesize complex technical topics into clear executiveready insights.

Preferred Qualifications

• Experience supporting AI governance product security privacy engineering or secure development lifecycle (SDL).
• Familiarity with emerging AI regulations and responsible/ethical AI principles.
• Experience with governance tooling dashboards or security monitoring platforms.
• Background in GRC audit support or enterprise risk management.
• Ability to work effectively across global matrixed organizations.

Core Competencies

• Analytical thinking and attention to detail
• Clear concise communication
• Riskbased decision making
• Crossfunctional collaboration
• Continuous improvement mindset

Outcomes of Success

• Improved visibility into AI usage risks and controls across the enterprise
• Consistent defensible AI governance and security posture
• Clear actionable insights for leadership and audit stakeholders
• Scalable governance that enables innovation while managing risk