Vice President, IT Application Security
AIG
CloudCyber SecurityPythonSDLC
Security Engineer, GRC
Writer
full-time
Posted on:
Location: California • 🇺🇸 United States
Visit company websiteJob Level
SeniorLead
Tech Stack
Cloud
About the role
- Lead AI regulatory compliance — Research global AI regulations, develop compliance strategies, and align AI development with transparency, fairness, and safety requirements.
- Own compliance programs — Manage SOC2, ISO 27001/27701/42001, GDPR, HIPAA, SOX readiness, and FedRAMP strategies.
- Drive enterprise risk management — Design frameworks for assessing and mitigating AI-specific and enterprise-wide risks.
- Manage third-party risk — Build vendor risk programs for AI/ML suppliers, cloud providers, and data processors.
- Champion data privacy — Lead privacy programs for AI training data and user information, ensuring compliance with GDPR, CCPA, and emerging laws.
- Coordinate audits and certifications — Oversee internal and external audits, evidence collection, and resolution of findings with minimal disruption.
- Enable compliance through partnership — Define requirements and collaborate with security, engineering, and legal teams to implement controls.
Requirements
- 8+ years in governance, risk, and compliance for technology companies.
- 5+ years managing compliance programs (SOC2 and ISO certifications required).
- Proven experience in emerging technology compliance, ideally AI/ML governance.
- Deep expertise in global privacy regulations and implementation.
- Strong program and stakeholder management skills.
- Expert in security frameworks (SOC2, ISO, NIST, GDPR, HIPAA, FedRAMP).
- Understanding of AI/ML technologies and their unique risk profiles.
- Proficiency with GRC platforms, automation tools, and risk assessment methods.
- Knowledge of cloud security compliance requirements.
- Experience with data governance, classification, and privacy-by-design.
- Track record of building compliance programs from the ground up.
- History of passing audits with minimal findings.
- Proven ability to translate regulations into actionable, business-aligned programs.
- Strong analytical approach to risk and compliance metrics.
- Experience with AI governance frameworks.
- Background in technology or engineering.
- Certifications such as CISA, CRISC, CIPP.
- Experience with public company compliance requirements.
- Knowledge of international data transfer mechanisms.
Similar jobs on JobTailor
Data Privacy, Cybersecurity Litigation Associate
DLA Piper
Cyber Security
Cybersecurity Cloud Subject Matter Expert – SME
Horizon Industries, Limited
AWSAzureCloudCyber SecurityOracle
Principal Software Developer – Data Engineering, Cybersecurity
Arctic Wolf
Amazon RedshiftApacheAWSCloudCyber SecurityDistributed SystemsElasticSearchKafkaMongoDBNoSQLPostgresRabbitMQ+5 more
Senior Applied AI/ML Engineer, Product Security Engineering
Adobe
AWSCloudCyber SecurityDockerEC2GoGoogle Cloud PlatformKubernetesPythonSparkSplunkSQL+1 more