AI Enablement & Governance - AI Security & Controls Lead

Our story

At Alight, we believe a company’s success starts with its people. At our core, we Champion People, help our colleagues Grow with Purpose and true to our name we encourage colleagues to “Be Alight.”  We are passionate about connecting purpose with impact.  Alight empowers clients to build a healthier and more financially secure workforce by unifying the benefits ecosystem across health, wealth, wellbeing, navigation, and absence management.

Our Benefits

With a comprehensive total rewards package, Alight offers programs and plans that support your mind, body, wallet, and life. Benefits include health, dental and vision coverages starting Day One. Additionally, Alight colleagues enjoy wellbeing programs, retirement plans with contribution matching, generous time off, parental leave, continuing education, and career growth opportunities – all within a thriving global organization.

Flexible Working

So that you can be your best at work and home, we consider flexible working arrangements wherever possible. Alight has been a leader in the flexible workspace and “Top 100 Company for Remote Jobs” 6 years in a row.

Great Place to Work

Thanks to the work of every colleague, Alight has received multiple awards of recognition including “Great Place to Work” for the past 7 years and Fortune’s “Best Companies to Work For.” To learn more about our company culture and awards Click Here.

If you, Champion People, seek to Grow with Purpose, and embody the meaning of Be Alight – We invite you to join our team!  Learn more at careers.alight.com. 

The Role

The AI Enablement & Governance – Security & Controls Lead enables secure, responsible, and scalable AI adoption by defining, implementing, and evaluating AI‑specific security and risk controls across the AI lifecycle.

This role serves as a bridge between AI engineering, information security, privacy, and third‑party risk teams, ensuring that incremental AI risks introduced by models, training data, RAG architectures, and autonomous or semi‑autonomous agents are appropriately controlled by design.

The role partners closely with AI Engineering, Third‑Party Supplier Governance, Information Security, Privacy, and Risk teams to identify AI‑specific control gaps, define practical control requirements, support secure implementation, and evaluate effectiveness. The focus is on AI‑specific security concerns—not replacing existing security programs, but extending them thoughtfully for AI.

Responsibilities

AI Security, Policy, Standards & Guidance

• Partnering directly with AI Engineers & Developers, Information Security and governance teams to define AI-specific security and risk management standards covering AI/ML models, RAG solutions, and agentic architectures.
• Translating enterprise security principles and risk frameworks into AI‑appropriate guidance, addressing topics such as, model access control and abuse prevention, prompt and context security, data leakage, memorization, and inference risks, agent autonomy boundaries and safeguards
• Define AI runtime monitoring and incident response expectations, aligned to (and extending as needed) existing incident response playbooks.
• Ensuring AI security guidance remains aligned with evolving technology patterns, external expectations, and internal architectures, and external expectations (e.g. NIST AI RMF/CSF, NYDFS AI Cybersecurity, ISO/IEC 42001)
• Contributing to the broader AI policy hierarchy by ensuring security requirements are clearly mapped to AI governance policies, controls and standards.

Third‑Party AI & Model Risk Support

• Partnering with third‑party risk and supplier governance teams to Identify AI‑specific risks introduced by vendors, models, platforms, and APIs. 
• Defining AI security control expectations for vendors and managed services
• Supporting evaluation of vendor AI security posture, including training data handling, model protections, monitoring, and incident response capabilities.
• Contributing AI‑specific input to due diligence, onboarding, and ongoing vendor risk assessments.

Cross‑Functional Enablement & Advisory Support

• Acting as a trusted advisor to AI engineering, product, privacy, and security teams on how to safely design and deploy AI systems.
• Providing practical guidance that balances security rigor with business velocity.
• Helping teams understand what “secure by design” means for AI, without imposing unnecessary friction.

Requirements

• 5+ years of  relevant experience (or equivalent expertise) in information security, technology risk, AI governance, model risk management, privacy engineering, or related roles.
• Strong understanding of AI architectures, Machine learning pipelines, Retrieval‑augmented generation (RAG), Agentic and tool‑using AI patterns
• Demonstrated ability to translate technical AI and security concepts into clear control expectations and guidance.
• Experience working cross‑functionally with engineering, security, privacy, and risk teams.
• Practical, risk‑based mindset with strong judgment and attention to detail.
• Excellent written communication skills; ability to create clear, defensible documentation.
• Relevant certifications preferred (e.g., AAISM,  CISSP, CISM, CRISC, AIGP, cloud security certifications).
• Bachelor’s degree in Computer Science, Engineering, or related field, or equivalent practical experience

Application and Interview

By applying for a position with Alight, you understand that, should you be made an offer, it will be contingent on your undergoing and successfully completing a background check consistent with Alight’s employment policies. Background checks may include some or all the following based on the nature of the position: SSN/SIN validation, education verification, employment verification, and criminal check, search against global sanctions and government watch lists, credit check, and/or drug test. You will be notified during the hiring process which checks are required by the position.

Alight requires all virtual interviews to be conducted on video. 

Our commitment to Inclusion

We celebrate differences and believe in fostering an environment where everyone feels valued, respected, and supported. We know that diverse teams are stronger, more innovative, and more successful.

At Alight, we welcome and embrace all individuals, regardless of their background, and are dedicated to creating a culture that enables every employee to thrive. Join us in building a brighter, more inclusive future.

As part of this commitment, Alight will ensure that persons with disabilities are provided reasonable accommodations for the hiring process. If reasonable accommodation is needed, please contact alightcareers@alight.com.

Equal Opportunity Policy Statement

Alight is an Equal Employment Opportunity employer and does not discriminate against anyone based on sex, race, color, religion, creed, national origin, ancestry, age, physical or mental disability, medical condition, pregnancy, marital or domestic partner status, citizenship, military or veteran status, sexual orientation, gender, gender identity or expression, genetic information, or any other legally protected characteristics or conduct covered by federal, state, or local law.   In addition, we take affirmative action to employ disabled persons, disabled veterans, and other covered veterans.

Alight provides reasonable accommodations to the known limitations of otherwise qualified employees and applicants for employment with disabilities and sincerely held religious beliefs, practices and observances, unless doing so would result in undue hardship. Applicants for employment may request  reasonable accommodations/modifications by contacting their recruiter.

Authorization to work in the Employing Country

Applicants for employment in the country in which they are applying (Employing Country) must have work authorization that does not, now or in the future, require sponsorship of a visa for employment authorization in the Employing Country and with Alight.

Note, this job description does not restrict management's right to assign or reassign duties and responsibilities of this job to other entities; including but not limited to subsidiaries, partners, or purchasers of Alight business units.

#LI-Remote

We offer you a competitive total rewards package, continuing education & training, and tremendous potential with a growing worldwide organization.

Salary Pay Range

Minimum :

140,000.00 USD

Maximum :

180,000.00 USD

Pay Transparency Statement: Alight considers a variety of factors in determining whether to extend an offer of employment and in setting the appropriate compensation level, including, but not limited to, a candidate’s experience, education, certification/credentials, market data, internal equity, and geography. Alight makes these decisions on an individualized, non-discriminatory basis. Bonus and/or incentive eligibility are determined by role and level. Alight also offers a comprehensive benefits package; for specific details on our benefits package, please visit: Wellbeing and Benefits Selector Page - Alight

DISCLAIMER:

Nothing in this job description restricts management's right to assign or reassign duties and responsibilities of this job to other entities; including but not limited to subsidiaries, partners, or purchasers of Alight business units.

Alight Solutions provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, pregnancy, childbirth or related medical condition, veteran, marital, parental, citizenship, or domestic partner status, or any other status protected by applicable national, federal, state or local law. Alight Solutions is committed to a diverse workforce and is an affirmative action employer.