AI Enablement & Governance - AI Security & Controls Lead
Alight Solutions, Belleville, IL, United States
The Role
The AI Enablement & Governance – Security & Controls Lead enables secure, responsible, and scalable AI adoption by defining, implementing, and evaluating AI‑specific security and risk controls across the AI lifecycle. This role serves as a bridge between AI engineering, information security, privacy, and third‑party risk teams, ensuring that incremental AI risks introduced by models, training data, RAG architectures, and autonomous or semi‑autonomous agents are appropriately controlled by design.
Responsibilities
AI Security, Policy, Standards & Guidance
Partnering directly with AI Engineers & Developers, Information Security and governance teams to define AI‑specific security and risk management standards covering AI/ML models, RAG solutions, and agentic architectures.
Translating enterprise security principles and risk frameworks into AI‑appropriate guidance, addressing topics such as model access control and abuse prevention, prompt and context security, data leakage, memorization, and inference risks, agent autonomy boundaries and safeguards.
Define AI runtime monitoring and incident response expectations, aligned to (and extending as needed) existing incident response playbooks.
Ensuring AI security guidance remains aligned with evolving technology patterns, external expectations, and internal architectures, and external expectations such as NIST AI RMF/CSF, NYDFS AI Cybersecurity, ISO/IEC 42001.
Contributing to the broader AI policy hierarchy by ensuring security requirements are clearly mapped to AI governance policies, controls and standards.
Third‑Party AI & Model Risk Support
Partnering with third‑party risk and supplier governance teams to identify AI‑specific risks introduced by vendors, models, platforms, and APIs.
Defining AI security control expectations for vendors and managed services.
Supporting evaluation of vendor AI security posture, including training data handling, model protections, monitoring, and incident response capabilities.
Contributing AI‑specific input to due diligence, onboarding, and ongoing vendor risk assessments.
Cross‑Functional Enablement & Advisory Support
Acting as a trusted advisor to AI engineering, product, privacy, and security teams on how to safely design and deploy AI systems.
Providing practical guidance that balances security rigor with business velocity.
Helping teams understand what “secure by design” means for AI, without imposing unnecessary friction.
Requirements
5+ years of relevant experience (or equivalent expertise) in information security, technology risk, AI governance, model risk management, privacy engineering, or related roles.
Strong understanding of AI architectures, machine learning pipelines, retrieval‑augmented generation (RAG), agentic and tool‑using AI patterns.
Demonstrated ability to translate technical AI and security concepts into clear control expectations and guidance.
Experience working cross‑functionally with engineering, security, privacy, and risk teams.
Practical, risk‑based mindset with strong judgment and attention to detail.
Excellent written communication skills; ability to create clear, defensible documentation.
Relevant certifications preferred (e.g., AAISM, CISSP, CISM, CRISC, AIGP, cloud security certifications).
Bachelor’s degree in Computer Science, Engineering, or related field, or equivalent practical experience.
Benefits
With a comprehensive total rewards package, Alight offers programs and plans that support your mind, body, wallet, and life. Benefits include health, dental and vision coverages starting Day One. Additionally, Alight colleagues enjoy wellbeing programs, retirement plans with contribution matching, generous time off, parental leave, continuing education, and career growth opportunities within a thriving global organization.
Flexible Working
Alight has been a leader in the flexible workspace and has been recognized as Top 100 Company for Remote Jobs for six consecutive years.
Salary Pay Range
Minimum: $140,000.00 USD
Maximum: $180,000.00 USD
Authorization to Work in the Employing Country
Applicants must have work authorization that does not, now or in the future, require sponsorship of a visa for employment authorization in the Employing Country and with Alight.
Equal Opportunity Policy Statement
Alight is an Equal Employment Opportunity employer and does not discriminate against anyone based on sex, race, color, religion, creed, national origin, ancestry, age, physical or mental disability, medical condition, pregnancy, marital or domestic partner status, citizenship, military or veteran status, sexual orientation, gender, gender identity or expression, genetic information, or any other legally protected characteristics or conduct covered by federal, state, or local law. In addition, we take affirmative action to employ disabled persons, disabled veterans, and other covered veterans. Alight Solutions provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, pregnancy, childbirth or related medical condition, veteran, marital, parental, citizenship, or domestic partner status, or any other status protected by applicable national, federal, state or local law. Alight Solutions is committed to a diverse workforce and is an affirmative action employer.
Note on Job Duties
This job description does not restrict management's right to assign or reassign duties and responsibilities of this job to other entities, including but not limited to subsidiaries, partners, or purchasers of Alight business units.
#J-18808-Ljbffr
The AI Enablement & Governance – Security & Controls Lead enables secure, responsible, and scalable AI adoption by defining, implementing, and evaluating AI‑specific security and risk controls across the AI lifecycle. This role serves as a bridge between AI engineering, information security, privacy, and third‑party risk teams, ensuring that incremental AI risks introduced by models, training data, RAG architectures, and autonomous or semi‑autonomous agents are appropriately controlled by design.
Responsibilities
AI Security, Policy, Standards & Guidance
Partnering directly with AI Engineers & Developers, Information Security and governance teams to define AI‑specific security and risk management standards covering AI/ML models, RAG solutions, and agentic architectures.
Translating enterprise security principles and risk frameworks into AI‑appropriate guidance, addressing topics such as model access control and abuse prevention, prompt and context security, data leakage, memorization, and inference risks, agent autonomy boundaries and safeguards.
Define AI runtime monitoring and incident response expectations, aligned to (and extending as needed) existing incident response playbooks.
Ensuring AI security guidance remains aligned with evolving technology patterns, external expectations, and internal architectures, and external expectations such as NIST AI RMF/CSF, NYDFS AI Cybersecurity, ISO/IEC 42001.
Contributing to the broader AI policy hierarchy by ensuring security requirements are clearly mapped to AI governance policies, controls and standards.
Third‑Party AI & Model Risk Support
Partnering with third‑party risk and supplier governance teams to identify AI‑specific risks introduced by vendors, models, platforms, and APIs.
Defining AI security control expectations for vendors and managed services.
Supporting evaluation of vendor AI security posture, including training data handling, model protections, monitoring, and incident response capabilities.
Contributing AI‑specific input to due diligence, onboarding, and ongoing vendor risk assessments.
Cross‑Functional Enablement & Advisory Support
Acting as a trusted advisor to AI engineering, product, privacy, and security teams on how to safely design and deploy AI systems.
Providing practical guidance that balances security rigor with business velocity.
Helping teams understand what “secure by design” means for AI, without imposing unnecessary friction.
Requirements
5+ years of relevant experience (or equivalent expertise) in information security, technology risk, AI governance, model risk management, privacy engineering, or related roles.
Strong understanding of AI architectures, machine learning pipelines, retrieval‑augmented generation (RAG), agentic and tool‑using AI patterns.
Demonstrated ability to translate technical AI and security concepts into clear control expectations and guidance.
Experience working cross‑functionally with engineering, security, privacy, and risk teams.
Practical, risk‑based mindset with strong judgment and attention to detail.
Excellent written communication skills; ability to create clear, defensible documentation.
Relevant certifications preferred (e.g., AAISM, CISSP, CISM, CRISC, AIGP, cloud security certifications).
Bachelor’s degree in Computer Science, Engineering, or related field, or equivalent practical experience.
Benefits
With a comprehensive total rewards package, Alight offers programs and plans that support your mind, body, wallet, and life. Benefits include health, dental and vision coverages starting Day One. Additionally, Alight colleagues enjoy wellbeing programs, retirement plans with contribution matching, generous time off, parental leave, continuing education, and career growth opportunities within a thriving global organization.
Flexible Working
Alight has been a leader in the flexible workspace and has been recognized as Top 100 Company for Remote Jobs for six consecutive years.
Salary Pay Range
Minimum: $140,000.00 USD
Maximum: $180,000.00 USD
Authorization to Work in the Employing Country
Applicants must have work authorization that does not, now or in the future, require sponsorship of a visa for employment authorization in the Employing Country and with Alight.
Equal Opportunity Policy Statement
Alight is an Equal Employment Opportunity employer and does not discriminate against anyone based on sex, race, color, religion, creed, national origin, ancestry, age, physical or mental disability, medical condition, pregnancy, marital or domestic partner status, citizenship, military or veteran status, sexual orientation, gender, gender identity or expression, genetic information, or any other legally protected characteristics or conduct covered by federal, state, or local law. In addition, we take affirmative action to employ disabled persons, disabled veterans, and other covered veterans. Alight Solutions provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, pregnancy, childbirth or related medical condition, veteran, marital, parental, citizenship, or domestic partner status, or any other status protected by applicable national, federal, state or local law. Alight Solutions is committed to a diverse workforce and is an affirmative action employer.
Note on Job Duties
This job description does not restrict management's right to assign or reassign duties and responsibilities of this job to other entities, including but not limited to subsidiaries, partners, or purchasers of Alight business units.
#J-18808-Ljbffr