Senior Manager Cyber Security

About The Position

Requirements

• Bachelor’s degree in Information Systems, Computer Science, Data/Analytics, or related field; or equivalent experience.
• 7–10+ years in IT risk, data governance, analytics/ML governance, or compliance with at least 3 years leading programs or teams.
• Experience with data governance (catalogs, lineage, quality, stewardship) and AI/ML lifecycle governance (model documentation, validation, monitoring).
• Strong knowledge of risk frameworks (NIST AI RMF, ISO/IEC 42001, ISO 27001, SOC 2) and privacy (GDPR, CCPA).
• Proven ability to orchestrate cross‑functional governance across IT, Security, Legal, Compliance, Privacy, Audit, and business stakeholders.
• Excellent communication skills—able to translate technical risks into business terms and influence senior leadership.

Nice To Haves

• Governance design: policy writing, control frameworks, RACI, operating models.
• Risk management: assessments, control testing, issue remediation, KRIs.
• Data management: metadata, lineage, quality management, access control.
• AI/ML: model lifecycle, validation/testing, bias/fairness, explainability.
• Privacy & security: PIAs/DPIAs, encryption, anonymization, secure architecture.
• Stakeholder leadership: facilitation, change management, executive reporting.
• Vendor management: due diligence, contract clauses, ongoing monitoring.

Responsibilities

• Design, publish, and maintain the AI & Data Governance Framework, integrating NIST AI RMF, ISO/IEC 42001 (AI management systems), ISO/IEC 27001, SOC 2, GDPR/CCPA, and internal risk policies.
• Participate in the AI Governance Council
• Define acceptable use and procurement standards for AI tools (incl. generative AI), covering data protection, IP, confidentiality, model transparency, human oversight, and safe deployment practices.
• Author policies and standards: data classification, data retention, model documentation, bias testing, explainability, incident response, and vendor due diligence for AI/ML.
• Partner with Data Architecture to embed governance into data platforms (e.g., lakehouse, warehouse, analytics, feature stores).
• Build and oversee Model Risk Management (MRM): inventory, tiering, risk assessments, validation/testing, drift/bias monitoring, retraining triggers, and sunsetting procedures.
• Create control libraries for AI/ML (design-to-deploy), including validation, performance metrics, robustness testing, and contingency plans.
• Coordinate privacy impact assessments (PIA/DPIA) and security threat modeling for AI use cases; enforce least privilege and data minimization.
• Partner with Engineering/MLOps to integrate governance into CI/CD for ML models: documentation, approvals, monitoring dashboards, alerts, and rollback.
• Establish model documentation standards: purpose, training data, evaluation metrics, risk assessments, explainability artifacts, and human-in-the-loop procedures.
• Develop training and awareness programs for responsible AI use; guide business teams on compliant AI solution design.
• Manage third‑party AI vendors, contracts, and ongoing risk monitoring (performance, security, privacy, compliance).
• Define KPIs/KRIs for AI & data governance (e.g., % of AI systems inventoried and risk-tiered, data quality scores, model drift incidents, bias test coverage, PIA completion rate).
• Produce board/executive reporting on AI risk posture, control effectiveness, and program maturity; support internal/external audit requests.
• Drive continuous improvement against a maturity model and benchmark program performance.