AI Security & Governance Lead

Overview

AI Security & Governance Lead

• to translate governance policy into enforceable technical controls across the Microsoft security stack.
• You will be the governance authority — not a solution designer — ensuring every AI initiative meets the bar for security, privacy, and Responsible AI before reaching production.
• What you'll own:
• Translate AI governance policies into technical controls, playbooks, and automated checks; implement the enterprise AI Governance Framework across all AI solutions.
• Onboard datasets and applications to Microsoft Purview; define classifications, sensitivity labels, DLP, and access policies.
• Implement tenant, application, and data security baselines across Entra ID, PIM, Conditional Access, and Defender.
• Establish AI risk assessment, threat modeling, red-teaming, jailbreak testing, and prompt/content safety controls.
• Operate auditability: Purview Audit, retention, investigation runbooks, and evidence management for reviews.
• Run DSPM for AI posture management; track risks, drive remediation, and report to governance councils.
• Work with Legal and Compliance on data residency, IP, and regulatory requirements; support vendor due diligence.
• Own the AI Governance Stage Gates (client-owned):
• Pre-development approval (data usage, risk classification, control baseline).
• Pre-production approval (security/privacy/model-risk evidence pack, release criteria).
• Post-deployment assurance (monitoring, drift and abuse checks, incident readiness, auditability).
• Act as a governance interface to the delivery partner's solution architects and delivery leads — without designing or implementing AI solutions yourself.
• Define and enforce governance requirements for all external vendors covering transparency, data usage boundaries, audit rights, and assurance artefacts.
• What you bring:
• 8–10 years in cloud security and governance with hands-on experience across the Microsoft security stack and exposure to AI systems.
• Demonstrated experience implementing data protection and audit controls in regulated environments.
• Bachelor's in Computer Science, Information Security, or equivalent.
• Core skills and tools required:
• Microsoft Purview: catalog, Information Protection, DLP, Audit.
• Entra ID: PIM, Conditional Access.
• Defender for Cloud and Defender for Cloud Apps.
• Threat modeling for AI and LLM systems; prompt injection and jailbreak testing; safety filters and content moderation.
• KQL for investigations; eDiscovery fundamentals; evidence management.
• Policy-as-code (Azure Policy), automation (Logic Apps, Functions), and secure SDLC.
• Required certifications:
• IAPP Artificial Intelligence Governance Professional (AIGP) or ISO/IEC 42001 Lead Implementer
• Microsoft Certified: Cybersecurity Architect Expert (SC-100) (or CISSP/CCSP as equivalents)

• Microsoft Certified: Information Protection Administrator (SC-400)

• Preferred certifications:
• Microsoft Certified: Azure Security Engineer (AZ-500) or Cloud and AI Security Engineer (SC-500)

Experience

Salary Range