Sr Lead Security Engineer - AI Governance

About The Position

Requirements

• Formal training or certification in software and/or security engineering concepts, with 5+ years of applied experience in enterprise environments.
• Proven ability to plan, design, and implement enterprise-level security solutions across diverse technology domains, including cloud and AI.
• Deep knowledge of software application development, technical processes, and security controls, with specialization in at least one area such as cloud, artificial intelligence, machine learning, or mobile technologies.
• Extensive experience with threat modeling, vulnerability assessment, discovery, and penetration testing, including risk triage and mitigation strategies.
• Demonstrated ability to independently tackle complex design and functionality problems, proactively identifying risks and blockers and driving remediation.
• Practical experience with cloud-native architectures and AWS environments, including module currency reporting and remediation.
• Strong partnership skills, with a track record of collaborating with Application Owners (AOs), senior leadership, and cross-functional teams to embed security and compliance from the design phase through deployment.
• Experience establishing and maintaining linkages between technology risk committees and governance functions, ensuring secure deployment and oversight of AI use cases.
• Ability to act as a key advisor in vendor onboarding, contract review, and internal process navigation, ensuring early engagement and compliance.

Nice To Haves

• Demonstrated experience in AI governance and technology risk management, with a proven ability to bridge governance and risk functions for secure AI deployment.
• Strong track record of providing senior leadership with actionable risk insights and supporting prioritization for application owners.
• Experience with AWS module currency reporting and remediation, including clear accountability structures.
• Ability to partner with application owners and vendors from the design phase, ensuring compliance and preventing misinformation through early engagement.
• Experience in vendor onboarding processes, contract review, and internal process navigation.
• Advanced proficiency in one or more programming languages, with hands-on experience in secure software development practices. (any specific languages)

Responsibilities

• Facilitates security requirements clarification for multiple networks to enable multi-level security to satisfy organizational needs
• Enhances partnership with Application Owners (AOs) to proactively address changes in their applications. Embeds TRC involvement from the design phase (e.g., Quantum replatforming) to ensure compliance from the outset, rather than only at checkpoints.
• Provides senior leadership with visibility into key risks and blockers, including forecasting future issues. Ensures this is a standing agenda item in leadership meetings to highlight risks, weaknesses, and support AOs with prioritization.
• Takes formal responsibility for AWS module currency reporting and remediation, clarifying accountability for AOs and reducing confusion by embedding this within the risk team.
• Establishes closer linkage between the Technology Risk Committee (TRC) and AI Governance, recognizing that technology risk is key to AI governance. Partners with current governance processes to ensure secure deployment of AI use cases and integrates technology AI governance as a core component of the role.
• Acts as a key component in vendor onboarding, ensuring proper contract terms, advising on design, and shepherding vendor applications through internal processes. Early engagement prevents misinformation and streamlines onboarding (e.g., Sigma case study).
• Works with stakeholders and senior business leaders to recommend business modifications during periods of vulnerability
• Be responsible for triaging based on risk assessments of various threats and managing resources to cover impact of disruptive events

Benefits

• We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more. Additional details about total compensation and benefits will be provided during the hiring process.