Associate Director of Cybersecurity, Physical Security, and AI Governance

About The Position

Requirements

• Bachelor’s degree in information security, computer science, data management, or a related field (or equivalent experience)
• Typically, 7+ years of experience in cybersecurity, risk management, enterprise IT, data governance, or related leadership roles
• Demonstrated experience leading enterprise-level security strategy and governance
• Strong understanding of cybersecurity and physical security principles
• Strong understanding of data analytics platforms and data protection
• Strong understanding of AI and generative AI risk, governance, and ethical considerations
• Proven ability to communicate complex risk topics to executive audiences

Nice To Haves

• Advanced degree (MBA, MS, or equivalent)
• Relevant certifications such as CISSP, CISM, CRISC, CPP, CDMP, or AI-governance credentials
• Experience supporting cloud-based, analytics-driven, and AI-enabled enterprise environments
• Experience presenting to executive leadership or governance committees
• Experience with Microsoft environments (Azure, Fabric)
• Experience with security products, including but not limited to: Defender, Sentinel, Purview, Entra, Azure Web Application Firewall
• Experience with Brivo badging system

Responsibilities

• Define and maintain a multiyear enterprise strategy spanning cybersecurity, physical security, data analytics governance, and AI and automation risk.
• Ensure security, data, and AI considerations are embedded into IT architecture, cloud platforms, analytics initiatives, and application delivery.
• Advise IT leadership on risk, opportunity, and investment priorities related to emerging technologies.
• Translate technical, physical, and AI-related risks into clear business impact for executive decision-making.
• Establish and maintain the organization’s AI governance framework, including acceptable and responsible AI use, data privacy, security, and ethical guardrails, and oversight for AI-enabled tools.
• Partner with data and analytics teams to define standards for data classification, protection, and analytics platform security.
• Serve as the escalation point for AI-related risk, misuse, or policy exceptions.
• Balance security needs with business needs to ensure safe practices without prohibiting key business objectives.
• Own enterprise governance for cybersecurity, physical security, data protection, and AI use within the ECG organization.
• Develop and maintain policies, standards, and control objectives.
• Lead or oversee enterprise risk assessments across cyber, physical, data, and AI domains.
• Align governance practices with recognized frameworks, such as NIST, ISO, and applicable privacy or AI standards.
• Provide strategic oversight into cybersecurity, physical security, and data governance functions (direct or matrixed).
• Partner closely with IT infrastructure, applications, architecture, data and analytics, HR, legal, and compliance teams.
• Act as the security, data, and AI-governance authority within IT leadership forums.
• Promote a culture of responsible innovation that enables progress while maintaining trust and control.
• Advise IT leadership on security, analytics, and AI investment priorities.
• Define and track KPIs and KRIs related to security posture, data governance maturity, and AI risk.
• Deliver executive-ready reports on trends, risks, and program effectiveness.
• Define enterprise-level strategies for cyber incidents, physical security events, data breaches, and AI misuse scenarios.
• Ensure leadership readiness for high-impact incidents.
• Lead post-incident strategic reviews focused on systemic improvement and governance maturity.
• Partner with SHS and ECG compliance to ensure AI and data governance aligns with regulatory, contractual, privacy, and ethical obligations.
• Codevelop policies addressing acceptable AI use, intellectual property, confidentiality, and third-party risk.
• Support coordinated responses to AI-related incidents, audits, or regulatory inquiries.

Benefits

• Attractive compensation package
• Challenging work
• Entrepreneurial environment
• Eligibility for ECG’s annual incentive compensation program
• Medical coverage
• Dental coverage
• Vision coverage
• 401(k) matching program
• Unlimited PTO
• Wellness programs