IT Governance Engineer - Virtual

About The Position

Requirements

• 5+ years in DevOps, MLOps, platform engineering, backend development, or cybersecurity, with a focus on automation and controls.
• Strong programming skills (Python preferred), experience with APIs, and automation frameworks.
• Experience integrating governance, risk, or compliance controls into engineering workflows.
• Deep understanding of cybersecurity principles, threat modeling, vulnerability management, and incident response.
• Familiarity with regulatory frameworks (NIST AI RMF, ISO 42001, SOC2, EU AI Act) and AI safety/fairness concepts.
• Experience building tools for model evaluation, monitoring, and documentation.
• Analytical, troubleshooting, and documentation skills.
• Excellent collaboration and communication skills.

Nice To Haves

• Experience with cloud security, identity and access management, and secure software development practices.
• Understanding of LLM architectures and AI model evaluation (bias, fairness, interpretability, drift, hallucinations).
• Experience with audit, evidence collection, and compliance testing.
• Familiarity with JIRA, CI/CD tools, and cloud platforms.

Responsibilities

• Technical Governance Architecture: Design and implement automated inventory collection, monitoring, and risk scoring for all AI systems, models, and tools.
• Security Integration: Architect and enforce security controls for AI systems, including access management, data protection, vulnerability scanning, and incident response protocols.
• Workflow Integration: Build and integrate governance controls, approval of workflows, and checkpoints into SDLC, and engineering pipelines.
• Automation & Tooling: Develop tools for auditing, scanning, and evaluating AI models (e.g., for toxicity, drift, hallucinations). Implement model documentation standards (model cards, evaluation pipelines).
• Cyber Risk Management: Conduct risk assessments for AI systems, identify potential threats, and implement mitigation strategies. Collaborate with cybersecurity teams to ensure AI systems comply with organizational and regulatory security standards.
• Compliance & Oversight: Support evidence collection for audits (SOC2, ISO, internal/external regulators). Ensure technical controls meet regulatory and policy requirements.
• Collaboration: Work closely with Security, Privacy, Legal, Data Governance, and Engineering teams to embed governance and security into product and platform development.
• Continuous Improvement: Monitor emerging risks, regulatory changes, and industry best practices. Enhance automation, controls, and technical documentation as needed.
• Enablement: Support training and enablement initiatives by building toolkits and technical resources for engineers and business users.

Benefits

• We offer programs and plans for a healthy mind, body, wallet and life because it’s important our benefits care for the whole person. Options include a variety of health coverage options, wellbeing and support programs, retirement, vacation and sick leave, maternity, paternity & adoption leave, continuing education and training as well as several voluntary benefit options.