The AI Security Analyst is responsible for evaluating, governing, and securing the organization’s adoption and use of artificial intelligence tools, platforms, and integrations.
Working under the direction of the Information Security Manager, this role ensures that AI technologies are deployed with appropriate security controls, data protection standards, and risk oversight across ai2io’s multi-tenant managed services environment.
Evaluates AI tools, SaaS integrations, and platform capabilities for security risk, data exposure, and compliance alignment before and during organizational adoption.
Develops and maintains the organization’s AI governance framework, including usage policies, application approval workflows, and data classification standards for AI contexts.
Coordinates with AI platform engineering teams to ensure sensitivity labels, access controls, and data boundaries are consistently governed under a centralized security standard.
Monitors AI usage across the organization using Microsoft Defender for Cloud Apps and other telemetry sources to identify shadow AI, unauthorized integrations, and data leakage risks.
Supports GRC and identity security functions as a secondary focus, including compliance evidence collection, access reviews, and framework alignment.

Requirements

Demonstrated understanding of AI and large language model security risks, including data leakage, prompt injection, excessive permissions, and shadow AI adoption.
Experience with Microsoft 365 security and compliance tools, including Microsoft Purview (DLP, sensitivity labels, data classification), Defender for Cloud Apps, and Entra ID.
Familiarity with OAuth 2.0, API permission models, and application consent frameworks in enterprise environments.
Experience with data classification, sensitivity labeling, and data loss prevention concepts and implementation.
Understanding of compliance frameworks (NIST CSF, SOC 2, NIST AI RMF) and the ability to map AI-related controls to framework requirements.
Familiarity with cloud security principles in Microsoft Azure, including identity, access management, and data residency considerations.
Scripting or automation capability (PowerShell, Python, or similar) for reporting and administrative tasks is a plus.
Strong research and analytical skills with the ability to evaluate emerging technologies and translate findings into actionable security recommendations.
Clear written and verbal communication skills, including the ability to explain AI security risks and control rationale to both technical and non-technical stakeholders.
Ability to work cross-functionally with engineering, operations, and business teams to embed security into AI adoption decisions.
Comfort operating in a fast-moving environment where AI capabilities and associated risks are evolving rapidly.
Ability to work effectively both independently and as part of a small, collaborative security team.

Benefits

Choice of comprehensive medical plans (including two PPO-style plans and a HDHP w/ HSA option)
Flex spending accounts (FSA)
Dental and vision plans
Comprehensive medical, dental and vision benefits extended to spouse / domestic partner and dependent children up to age 26
401k with company match and self-directed brokerage account option
PTO including additional paid time off during the last week of the year
Company paid life insurance coverage for employees and their eligible dependents
Short and long-term disability, AD&D coverage
Professional development opportunities, tuition reimbursement and professional licensing assistance
Paid parental leave after one year of employment

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

AI securitydata classificationsensitivity labelingdata loss preventionMicrosoft 365 securityMicrosoft PurviewOAuth 2.0PowerShellPythoncloud security

Soft Skills

research skillsanalytical skillswritten communicationverbal communicationcross-functional collaborationindependent workteam collaborationadaptability