Careers / Project Services
AI Governance & Risk Analyst
Operates the Managed AI program for our clients on a recurring cadence. Maintains AI Acceptable Use Policy templates, runs DNS-layer shadow AI monitoring, manages Data Processing Agreements and BAA inventories, and packages quarterly evidence for client audit and insurance review.
About this role
The AI Governance & Risk Analyst operates the Managed AI program for our clients on a recurring cadence. You'll own AI policy maintenance, vendor risk monitoring, DPA management, and quarterly evidence packaging. Primary point of contact for AI-specific incident response.
What you'll do
- Maintain AI Acceptable Use Policy templates with vertical addenda (construction, mining, healthcare)
- Run DNS-layer shadow AI monitoring and produce the monthly AI Usage Report
- Manage Data Processing Agreements and BAA inventories with AI vendors
- Package quarterly evidence for client audit and insurance review
- Primary point of contact for AI-specific incident response
What we're looking for
- 3+ years in IT governance, security GRC, or comparable risk-analysis role
- Strong written communication and policy-drafting discipline
- Familiarity with regulatory frameworks (HIPAA, SOC 2, NIST CSF, NIST AI RMF, ISO 42001)
- Comfortable with technical security data (DNS logs, M365 audit, SIEM extracts)
- Eligible to work in the U.S.
You'll always hear from us
Every applicant gets a status update within 5 business days. See our 4-stage hiring process on the careers page.
Ready to apply?
Submit your resume and a few details. We review every application personally.
Apply for this Role View All Roles