Director, AI & Technology Risk
About The Position
The Director of AI & Technology Risk serves as the enterprise security authority for artificial intelligence (including generative and agentic AI), automation, and latest technology risk across Levi Strauss & Co. You will partner with retail, digital, supply chain, corporate, and regional departments to embed security into strategy, procurement, technology adoption, and operational transformation projects. You will establish governance frameworks, risk standards, and secure enablement guardrails to ensure AI systems - particularly generative AI models, agentic workflows, and autonomous automation capabilities - are adopted responsibly, securely, and in alignment with enterprise risk tolerance. This Director-level role reports to the Senior Director of Cyber Risk & Strategy. You will provide leadership and oversight to Business Information Security Officers (BISOs) in Europe and Asia. Additionally, you will ensure a global risk posture and harmonized security engagement model. About the Job You will serve as subject matter expert between cybersecurity and global teams on generative AI, agentic AI, automation, and latest technology risk. You will establish and maintain the enterprise AI & Technology Risk framework, including standards and guardrails for generative and agent-based AI systems. You will define AI use case intake, review, and risk tiering processes for model deployment, prompt-based systems, and autonomous agents. You will develop security requirements addressing model abuse, prompt injection, data leakage, excessive autonomy, tool invocation risk, and third-party AI integration. You will partner with Procurement, Legal, Privacy, Data, and Enterprise Architecture to embed security requirements into AI vendor selection, contracts, and governance models. You will provide architectural risk guidance for AI integrations, APIs, RAG implementations, agent orchestration layers, automation workflows, and data usage patterns. You will lead BISOs in Europe and Asia, ensuring AI and technology risk management best practices and reporting across regions. You will guide measurable reduction of AI-related risk exposure through improved governance, control maturity, and executive visibility. You will participate in enterprise risk councils and executive forums to communicate generative and agentic AI risk posture and new threat trends. You will collaborate with Detection Engineering, Cloud Security, and AppSec teams to investigate and improve AI-related security incidents. You will monitor global regulatory developments (e.g., EU AI Act, GDPR) and assess impact to enterprise generative and agentic AI strategy.
Requirements
- BA/BS in Business, Computer Science, Information Security, Engineering, or related field.
- 10+ years of progressive experience in cybersecurity, risk management, or technology governance; 5+ years influencing senior business leaders.
- Expertise leading security programs in complex global, matrixed organizations.
- Experience managing distributed or regional security leaders.
- Quantify risk and communicate trade-offs in business terms.
- Experience with enterprise risk frameworks (NIST CSF, ISO/IEC 27001, FAIR), regulatory regimes (GDPR, PCI-DSS), and third-party risk management.
- Working knowledge of generative AI and agentic AI risk domains, including model lifecycle governance, prompt security, agent autonomy controls, and vendor AI oversight.
- Translate security goals into business-aligned execution roadmaps and measurable outcomes.
- Ability to challenge assumptions constructively and lead accountability across global teams.
Nice To Haves
- Advanced degree desirable but not required.
Responsibilities
- Serve as subject matter expert between cybersecurity and global teams on generative AI, agentic AI, automation, and latest technology risk.
- Establish and maintain the enterprise AI & Technology Risk framework, including standards and guardrails for generative and agent-based AI systems.
- Define AI use case intake, review, and risk tiering processes for model deployment, prompt-based systems, and autonomous agents.
- Develop security requirements addressing model abuse, prompt injection, data leakage, excessive autonomy, tool invocation risk, and third-party AI integration.
- Partner with Procurement, Legal, Privacy, Data, and Enterprise Architecture to embed security requirements into AI vendor selection, contracts, and governance models.
- Provide architectural risk guidance for AI integrations, APIs, RAG implementations, agent orchestration layers, automation workflows, and data usage patterns.
- Lead BISOs in Europe and Asia, ensuring AI and technology risk management best practices and reporting across regions.
- Guide measurable reduction of AI-related risk exposure through improved governance, control maturity, and executive visibility.
- Participate in enterprise risk councils and executive forums to communicate generative and agentic AI risk posture and new threat trends.
- Collaborate with Detection Engineering, Cloud Security, and AppSec teams to investigate and improve AI-related security incidents.
- Monitor global regulatory developments (e.g., EU AI Act, GDPR) and assess impact to enterprise generative and agentic AI strategy.
Benefits
- incentive plans
- 401(k) matching
- paid leave
- health insurance
- product discounts
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Director
