Enterprise Cybersecurity AI Risk Analyst

About The Position

Requirements

• 5+ years of experience supporting cyber, technology, product, or enterprise risk activities, including risk identification, risk assessment, control evaluation, issue documentation, risk reporting, or lifecycle management
• Experience with GRC practices, including policy alignment, control expectations, exception handling, risk acceptance, issue tracking, audit or compliance support, or risk governance routines
• Knowledge of artificial intelligence concepts, AI-enabled tools, generative or agentic AI, machine learning-enabled capabilities, or AI product and use case evaluation
• Knowledge of industry-standard cybersecurity, privacy, AI, or risk frameworks, including NIST CSF, NIST AI RMF, NIST SP 800-53, NIST SP 800-171, ISO 27001, ISO 42001, MITRE ATLAS, or CMMC
• Ability to write clear, concise, executive-ready risk summaries, and translate complex technical or emerging technology concepts into business impact
• Ability to work across technical and non-technical teams with a collaborative, customer-service-oriented mindset
• Ability to independently manage assigned workstreams, prioritize competing demands, follow through on deliverables, and operate effectively in a developing or evolving risk management environment
• HS diploma or GED

Nice To Haves

• Experience reviewing AI tools, generative AI use cases, AI-enabled products, automation, machine learning models, or emerging technology initiatives for cyber, privacy, compliance, operational, or business risk
• Experience supporting AI governance, responsible AI, model risk, product risk, supplier or third-party risk, security architecture review, privacy review, or technology risk review processes
• Experience with GRC or workflow platforms, including ServiceNow, Archer, Smartsheet, or Jira
• Knowledge of common AI risk themes, including sensitive data exposure, prompt or input risk, output reliability, unauthorized use, model or tool access, third-party AI services, intellectual property considerations, monitoring, and human oversight
• Knowledge of defense industrial base, federal, regulated, or compliance-driven environments
• Ability to develop process documentation, risk review templates, control checklists, decision trees, dashboards, or reporting materials
• Ability to mentor junior team members, coordinate across matrixed teams, or improve operational consistency within a developing program
• Bachelor’s degree
• Cybersecurity, risk, privacy, AI governance, or cloud Certification, including CISSP, CGRC, CRISC, CISA, Security+, AWS, Azure Certification

Responsibilities

• Review AI tools, platforms, AI-enabled products, generative AI use cases, automation, machine learning-enabled capabilities, and third-party AI integrations to identify cyber, technology, compliance, and operational risk.
• Work across technical and non-technical teams to understand how AI is being used, evaluate applicable policies and control expectations, and document risk decisions in a clear and defensible way.
• Translate complex AI and cybersecurity concepts into concise business impact statements, risk summaries, and leadership-ready reporting.
• Help mature the enterprise AI cyber risk review process by contributing to scalable templates, consistent criteria, repeatable practices, and trend reporting that highlights recurring control gaps.

Benefits

• health, life, disability, financial, and retirement benefits
• paid leave
• professional development
• tuition assistance
• work-life programs
• dependent care
• recognition awards program