Director, AI Governance, Automation & Analytics

About AlphaSense: The world’s most sophisticated companies rely on AlphaSense to remove uncertainty from decision-making. With market intelligence and search built on proven AI, AlphaSense delivers insights that matter from content you can trust. Our universe of public and private content includes equity research, company filings, event transcripts, expert calls, news, trade journals, and clients’ own research content. The acquisition of Tegus by AlphaSense in 2024 advances our shared mission to empower professionals to make smarter decisions through AI-driven market intelligence. Together, AlphaSense and Tegus will accelerate growth, innovation, and content expansion, with complementary product and content capabilities that enable users to unearth even more comprehensive insights from thousands of content sets. Our platform is trusted by over 6,000 enterprise customers, including a majority of the S&P 500. Founded in 2011, AlphaSense is headquartered in New York City with more than 2,000 employees across the globe and offices in the U.S., U.K., Finland, India, Singapore, Canada, and Ireland. Come join us! What You’ll Own AI Agent Governance & Shadow AI Defense Build and operate a centralized AI agent registry—every autonomous agent, bot, MCP connector, and AI-powered workflow across the enterprise is inventoried, owned, and monitored. Use next-gen tools as the discovery engine and extend coverage to API-level and browser-extension agents. Lead shadow AI containment: detect, classify, and govern unauthorized AI deployments across business units. Turn the current reactive posture into proactive continuous discovery with real-time alerting. Enforce agent identity governance—treat AI agents as first-class security principals with their own identities, least-privilege access controls, credential rotation, and lifecycle management. Partner with Identity to extend Zero Trust to non-human identities. Build incident response playbooks specifically for agent-induced incidents: goal hijacking, unauthorized data access, privilege escalation through AI tool chains, and MCP-based credential exposure. Define and enforce agent deployment gates—no AI agent goes to production without security review, risk classification, and registration in the central registry. AI Governance & Compliance Frameworks Own AlphaSense’s AI governance program end-to-end: policy frameworks, risk classification tiers, AI impact assessments, and the cross-functional governance council (Security, Legal, Product, Engineering, HR). Drive ISO 42001 (AI Management System) certification—define scope, build the AIMS, lead the audit. This is a near-term strategic priority. Build and maintain the AI risk taxonomy covering bias, explainability, data quality, model drift, adversarial attacks, and societal impact—mapped to EU AI Act risk tiers, NIST AI RMF, and internal product requirements. Monitor and prepare for emerging regulatory requirements: EU AI Act enforcement timelines, DORA’s AI-related incident reporting obligations, U.S. state-level AI legislation, and sector-specific AI guidance. Establish AI-specific cyber risk quantification (CRQ) models that translate AI risk into financial impact for board-level reporting and investment prioritization. Security Automation & Analytics Architect and deploy AI-powered security automation—targeting high-toil workflows like alert triage, evidence collection, vendor risk questionnaires, and incident enrichment. Build analytics pipelines that generate actionable intelligence from security telemetry across the security stack —turning raw data into risk signals, trend detection, and efficiency metrics. Work with teams to deploy and tune AI-driven detection capabilities: behavioral anomaly detection, insider risk correlation, and automated threat hunting across endpoints and cloud. Drive continuous control monitoring for AI-specific controls—automated validation that AI governance policies are being enforced, not just documented. Own security program metrics, KPIs, and KRIs: build dashboards and reporting that communicate risk posture, automation coverage, and governance maturity to executive leadership and the board. Cross-Functional Partnership & Team Leadership Partner with Engineering and AI/ML teams to embed security controls directly into AI development, training, and deployment pipelines—shifting governance left into the build process. Collaborate with Product Security to ensure customer-facing AI features meet governance requirements and can withstand adversarial use cases (prompt injection, data extraction, jailbreaking). Work with Legal and Privacy to align AI governance policies with data protection requirements across jurisdictions (GDPR, CCPA, China DSL/PIPL). Build, mentor, and grow a team of AI governance and security automation specialists—people who understand both the regulatory landscape and the technical architecture of modern AI systems. Represent AlphaSense at industry forums, standards bodies, and customer conversations related to AI governance, AI security, and responsible AI practices. What We’re Looking For Required 8+ years in security, with 3+ years in leadership roles spanning AI/ML security, security automation, or security analytics. Deep understanding of AI/ML architectures: LLMs, transformer models, fine-tuning pipelines, RAG systems, embeddings, and associated attack surfaces (prompt injection, training data poisoning, model extraction, adversarial inputs). Hands-on experience building or leading security automation programs—SOAR playbooks, automated detection pipelines, evidence collection systems, or AI-driven alert triage. Working knowledge of AI governance frameworks: ISO 42001, NIST AI RMF, EU AI Act risk classification, or equivalent enterprise AI governance programs. Experience with non-human identity governance: service accounts, API keys, OAuth tokens, agent credentials—and the security challenges of machine-to-machine communication at scale. Demonstrated ability to build and operationalize security tooling integrations across a modern cloud security stack (CSPM, EDR, SIEM/SOAR, DLP, identity). Experience with cyber risk quantification and translating technical risk into business and financial terms for executive and board audiences. Strong cross-functional collaboration skills—proven ability to partner with Engineering, Product, Legal, and ML teams in a fast-paced SaaS environment. Proficiency in building analytics and dashboards from security telemetry—SQL, Python, or BI tools to generate insights from large-scale security data. Strongly Preferred Experience leading or contributing to ISO 42001 certification, EU AI Act compliance programs, or formal AI risk management implementations. Background in securing agentic AI systems: agent registries, MCP security, tool-use governance, agent-to-agent communication controls, and runtime action attribution. Experience with AI Security Posture Management (AI-SPM) or building AI asset inventories (AIBOM) in enterprise environments. Familiarity with shadow AI discovery and containment—including CASB/SWG-based real-time detection, OAuth audit, and browser extension monitoring. Experience deploying AI/ML within security workflows: NLP-driven log analysis, ML-based anomaly detection, LLM-powered security automation. Professional certifications such as CISSP, CISM, CCSP, or AI-specific credentials. Contributions to AI security research, standards bodies (OWASP AI, NIST, ISO), or industry publications. Experience supporting IPO readiness, SOX, or investor due diligence from a security analytics and risk quantification perspective. Why Join Us? Own a greenfield AI governance program at a company where AI is the product—not a side project. AlphaSense’s market intelligence platform is built on NLP, LLMs, and ML, so AI governance here is a first-order business priority. Inherit a purpose-built next-gen AI security stack that most security teams spend years trying to get budget for—your job is to operationalize it, not justify it. Work at the frontier of agent security: with 3M+ AI agents now operating across corporations globally and only 14% receiving full security review, you’ll be building governance models that the industry is still figuring out. Direct board and executive visibility—AI governance is a material topic for AlphaSense’s IPO readiness and enterprise customer trust. Your work directly impacts revenue, risk posture, and market credibility. Join a security leadership team that values builders, not bureaucrats—we ship automation, not slide decks. Competitive compensation, equity, and benefits in a high-growth company with strong market position. For base compensation, we set standard ranges for all roles based on function and level benchmarked against similar stage growth companies and internal comparables. In order to be compliant with local legislation, as well as to provide greater transparency to candidates, we share salary ranges on all job postings regardless of desired hiring location. Final offer amounts are determined by multiple factors including candidate experience/expertise and may vary from the amounts listed below. You may also be offered a performance-based bonus, equity, and a generous benefits program. Base Compensation Range $209,000—$250,000 USD AlphaSense is an equal-opportunity employer. We are committed to a work environment that supports, inspires, and respects all individuals. All employees share in the responsibility for fulfilling AlphaSense’s commitment to equal employment opportunity. AlphaSense does not discriminate against any employee or applicant on the basis of race, color, sex (including pregnancy), national origin, age, religion, marital status, sexual orientation, gender identity, gender expression, military or veteran status, disability, or any other non-merit factor. This policy applies to every aspect of employment at AlphaSense, including recruitment, hiring, training, advancement, and termination. In addition, it is the policy of AlphaSense to provide reasonable accommodation to qualified employees who have protected disabilities to the extent required by applicable laws, regulations, and ordinances where a particular employee works. Recruiting Scams and Fraud We at AlphaSense have been made aware of fraudulent job postings and individuals impersonating AlphaSense recruiters. These scams may involve fake job offers, requests for sensitive personal information, or demands for payment. Please note: AlphaSense never asks candidates to pay for job applications, equipment, or training. All official communications will come from an @alpha-sense.com email address. If you’re unsure about a job posting or recruiter, verify it on our Careers page. If you believe you’ve been targeted by a scam or have any doubts regarding the authenticity of any job listing purportedly from or on behalf of AlphaSense please contact us. Your security and trust matter to us.