Job title: AI Security & Compliance Consultant
Location: New York, NY
Full time
Position Overview
We are seeking an experienced AI Security & Compliance Consultant to design, implement, and oversee the governance framework for Artificial Intelligence and Machine Learning technologies across our mid-size credit fund. As we integrate advanced AI tools into underwriting, portfolio monitoring, risk management, and deal sourcing, this role ensures our deployment remains secure, compliant, and aligned with evolving financial regulations.
The ideal candidate bridges the gap between complex AI engineering, institutional cybersecurity, and financial compliance (SEC, FinCEN, GDPR/CCPA, and emerging AI-specific regulations).
Key Responsibilities
● AI Governance & Framework Design: Develop and maintain the fund’s AI risk management framework, ensuring alignment with standards like the NIST AI Risk Management Framework (AI RMF) and ISO/IEC 42001.
● Compliance & Regulatory Mapping: Monitor and interpret emerging AI regulations (e.g., EU AI Act, SEC AI rules, FTC guidelines) and translate them into actionable compliance controls for credit underwriting and investment operations.
● Data Security & Tool Implementation: Architect, configure, and manage enterprise data security and governance platforms (specifically Microsoft Purview) to discover, classify, and protect sensitive credit data interacting with AI ecosystems.
● Vulnerability & Risk Assessment: Conduct security assessments on proprietary and third-party AI/LLM tools, focusing on risks such as data poisoning, prompt injection, model inversion, and algorithmic bias.
● Data Privacy & Lineage: Partner with the data and IT teams to ensure that sensitive financial data, PII, and proprietary fund metrics used in AI training/inference comply with strict data privacy laws.
● Audit & Reporting: Prepare compliance reports and documentation for institutional LPs, internal auditors, and regulatory bodies demonstrating robust AI oversight.
Qualifications & Experience
● Experience: 5+ years in cybersecurity, IT compliance, or risk management, including 2+ years specifically focused on AI/ML security and data governance.
● Industry Knowledge: Direct experience working within financial services, ideally with a mid-size credit fund, private equity firm, or asset manager. Understanding of how AI applies to credit risk modeling and alternative data is highly preferred.
● Technical & Tooling Expertise:
○ Hands-on experience setting up, configuring, and managing Microsoft Purview (Information Protection, Data Loss Prevention, and Data Lifecycle Management) or similar enterprise data governance suites.
○ Strong understanding of LLM architectures, data pipelines, cloud security (AWS/Azure), and common AI security vulnerabilities (OWASP Top 10 for LLMs).
○ Proven ability to define and implement sensitivity labels, access controls, and data retention policies for AI inputs and outputs.
● Certifications (Preferred): Microsoft Certified: Information Protection and Compliance Administrator Associate (SC-400), CISM, CISSP, or IAPP AIGP (Artificial Intelligence Governance Professional).