Vice President - Technology (AI Security & Risk Manager)

RennerBrown

New York, NY

Apply

JOB DETAILS

SALARY

$150,000–$175,000 Per Year

SKILLS

Access Control, Application Programming Interface (API), Artificial Intelligence (AI), Artificial Intelligence (AI) Programming Languages, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Communication Skills, Computer Science, Continuous Improvement, Contract Negotiation, Data Analysis, Data Management, Data Modeling, Data Science, Documentation, Ecosystems, Embedded Systems, Financial Services, ISO (International Organization for Standardization), Incident Response, Information/Data Security (InfoSec), Injections, International Electro-Technical Commission (IEC), Internet Security, Inventory Management, Leadership, Legal, MCP - Microsoft Certified Professional, Machine Learning, Machine Tool, Materials Tracking, Microsoft Product Family, Microsoft Windows Azure, Monitor Regulations, Phishing, Purchasing/Procurement, Regulations, Regulatory Compliance, Risk, Risk Analysis, Risk Management, Risk Modeling, Sarbanes-Oxley Act (SOX), Securities and Exchange Commission (SEC), Security Analysis, Security Architecture, Social Engineering, System Architecture, System Integration (SI), Technical Strategy, Threat Modeling, Trend Analysis, U.S. National Institute of Standards and Technology (NIST), Use Cases, Vendor/Supplier Evaluation

LOCATION

New York, NY

POSTED

30+ days ago

Responsibilities
The Technology department at our client is responsible for creating and continuously improving a robust and secure technology foundation that supports the firm's business activities. As artificial intelligence becomes deeply embedded in both internal operations and the broader vendor ecosystem, the firm faces a new and rapidly evolving risk surface. The AI Security & Risk Manager will be our client's dedicated subject matter expert at the intersection of AI and security, helping the firm navigate this landscape with rigor and clarity.
We are seeking a high-performing AI Security & Risk professional to join the Cybersecurity team. Reporting to the Head of Technology Risk, this individual will own the firm's approach to identifying, assessing, and managing risk introduced by AI both through internal AI deployments and through vendors increasingly embedding AI into their platforms. The role requires a practitioner who can operate at both a strategic and technical level: fluent in AI architecture and threat modeling while equally capable of communicating risk clearly to senior leadership and regulators. The candidate must build strong relationships across Technology, Legal, Compliance, and the business to ensure AI risk is managed as an enterprise priority, not a silo.
Additional responsibilities include:
AI Risk Governance & Strategy

Own and maintain the firm's AI risk framework, covering model risk, data privacy, adversarial threats, third-party AI, and regulatory compliance.
Develop and enforce AI usage policies in collaboration with Legal and Compliance, including acceptable use, data classification requirements, and prompt handling standards.
Maintain an inventory of AI tools deployed firm-wide both sanctioned and shadow and assess associated risk profiles.
Provide regular AI risk reporting to the Head of Technology Risk and senior leadership, including emerging threat trends, vendor posture changes, and control gaps.
Monitor the evolving regulatory environment for AI (EU AI Act, SEC guidance, DORA, NY DFS) and advise on compliance obligations and required controls.

Vendor AI Evaluation & Third-Party Risk

Lead security and risk assessments of vendors introducing AI capabilities into existing or new platforms, including evaluating model transparency, data handling practices, and auditability.
Develop and maintain a structured AI vendor evaluation framework, incorporating criteria for model governance, output reliability, data residency, and incident response obligations.
Partner with Procurement and Legal to ensure AI-specific provisions are reflected in vendor contracts, including data usage restrictions, model change notifications, and liability terms.
Maintain a tiered risk register of third-party AI integrations, with ongoing monitoring for material changes to vendor AI functionality, architecture, or ownership.
Engage directly with vendor security and product teams to assess AI-related controls and drive remediation of identified gaps.

AI Threat Modeling & Security Architecture

Conduct threat modeling for AI systems and integrations, including risks from prompt injection, model inversion, training data poisoning, and adversarial inputs.
Evaluate AI-specific attack surfaces introduced by LLM integrations, agentic workflows, and MCP-connected data sources.
Collaborate with infrastructure and application teams to embed AI security controls into deployment pipelines and system design reviews.
Assess risks associated with AI-generated content, including deepfake vectors, synthetic phishing, and automated social engineering in the context of financial services.
Contribute to the firm's broader security architecture by ensuring AI components are assessed within the existing control framework.

Internal AI Program Oversight

Serve as the security and risk point of contact for the firm's internal AI deployments, including Claude Enterprise and any future platform integrations.
Evaluate data retention, access control, and logging practices for AI platforms to ensure alignment with the firm's compliance and eDiscovery obligations.
Provide risk assessments for proposed AI use cases across the firm, including a structured framework for approving, conditionally approving, or declining adoption.
Support audit and compliance reviews related to AI, including evidence collection and engagement with regulators or external assessors as required.
Develop and deliver AI security awareness content for technology staff and end users.

Qualifications
Our client seeks to hire individuals who are highly motivated, intelligent and have demonstrated excellence in prior endeavors. In addition, qualified candidates will possess the following:

Bachelor's degree in Computer Science, Information Security, Data Science, or a related field; advanced degree a plus.
At least 710 years of experience in information security, technology risk, or a related field, with a minimum of 3 years focused on AI systems, machine learning security, or AI governance.
Deep understanding of the AI and LLM landscape, including foundation model architecture, agentic systems, RAG pipelines, and the risk implications of each.
Hands-on experience evaluating AI platforms and products, including the ability to assess vendor claims about model behavior, data handling, and security controls with appropriate skepticism.
Familiarity with AI risk frameworks and emerging standards, including NIST AI RMF, MITRE ATLAS, OWASP LLM Top 10, and ISO/IEC 42001.
Experience with vendor risk management in a regulated financial services environment, including contract negotiation support and third-party security assessments.
Knowledge of relevant regulatory frameworks including DORA, SOX, SEC cybersecurity disclosure rules, and GDPR/CCPA as they apply to AI data flows.
Strong technical skills sufficient to evaluate AI system architecture, API security, data pipeline design, and access control models without reliance solely on vendor documentation.
Excellent communication skills, with the ability to translate highly technical AI risk concepts into clear, decision-ready language for senior leadership, Legal, and Compliance.
Experience operating in a Microsoft-first environment, including familiarity with Entra ID, Azure, and M365 security tooling, is a strong plus.
Ability to work independently, manage competing priorities, and operate effectively in a fast-paced, lean team environment
Relevant certifications such as CISSP, CISM, CRISC, or emerging AI-focused credentials a plus

Expected annualized base salary of $150,000 - $175,000

About the Company

RennerBrown

Resume Resources

Free Resume Templates Free Resume Builder