AI Security Risk Management

You want more out of a career. A place to share your ideas freely - even if they're daring or different. Where the true you can learn, grow, and thrive. At Verizon, we power and empower how people live, work and play by connecting them to what brings them joy. We do what we love - driving innovation, creativity, and impact in the world. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together - lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the V Team Life.

The Principal Security Risk Management will join Verizon's AI Security Services organization and be instrumental in creating and implementing transparent risk management strategies for AI systems across Verizon. This involves aligning policies, controls, and standards with industry frameworks like NIST AI RMF to ensure the secure and compliant development and operation of AI solutions throughout their lifecycle.

The ideal candidate is an experienced risk assessor with a proven track record spanning across information technology and third-party risk management. This will include translating complex technical risks into clear, concise language for diverse audiences, including non-technical stakeholders and executives. This team will have a critical role in pulling all AI related risks into a central repository, developing a standardized risk assessment methodology that continues to evolve based on AI/ML threat intelligence, industry trends, and stakeholder feedback as well as driving appropriate risk mitigation.

The Principal Security Risk Management should have a passion for AI and emerging technology. The successful candidate will possess and develop strong technical and interpersonal skills and will have the ability to handle high-profile matters and to work under pressure with minimal supervision.

Responsibilities:

• Ensuring AI-centric risk management processes and outcomes are established through policies and controls based on organizational priorities and tolerance.

• Documenting list of preliminary questions for information/technology risk assessments and thresholds to warrant a more in-depth review.

• Performing regular reviews of AI applications for compliance and alignment, documenting outcomes and sharing insights with stakeholders.

• Defining a standardized approach to rating and communicating risks related to Verizon's use of AI.

• Guiding the review and prioritization of AI projects in alignment with organizational risk priorities.

• Partnering with the business to embed security risk assessments into the AI technology selection and deployment workflow

• Ensuring identified "gaps" are understood and handed off to the appropriate operational teams to be driven through mitigation.

• Ensuring timely and well orchestrated VCS engagement in Verizon's secure AI efforts.

• Serving as a trusted advisor to the business and technology stakeholders across the enterprise to partner on AI security concerns.

This position can be located in other valid Verizon locations.

• Bachelor's degree or four or more years or experience.

• Six or more years of relevant experience required, demonstrated through work experience and/or military experience.

• Six years of experience in Cybersecurity.

• Five or more years of experience in GRC.

• Technical experience with AI / ML technologies.

• Demonstrated knowledge of AI related risks and mitigation strategies in particular for Generative AI solutions.

• Ability to identify business process risk introduced by GenAI capabilities by leveraging pre-existing knowledge of critical business applications (e.g., MyVerizon, ACSS, etc.)

• Experience in security policy and process design and/or process improvement.

• Comprehensive understanding of cyber based frameworks including NIST AI Risk Management Framework, MITRE ATLAS, and OWASP Top 10 LLM.

• Knowledge of large enterprise environments, cloud infrastructure and services, network protocols, network devices, multiple operating systems (Windows, macOS, Linux, etc.), and secure architectures.

• Experience performing comprehensive risk assessments.

• Strong analytical and critical thinking skills, excellent written and oral communication skills, and presentation skills.

• Highly collaborative with ability to articulate ideas and influence peers and senior leaders.

• Experience working on cross-functional teams including engineering, products teams, legal and security.

If Verizon and this role sound like a fit for you, we encourage you to apply even if you don't meet every "even better" qualification listed above.

Verizon is an equal opportunity employer. We evaluate qualified applicants without regard to veteran status, disability or other legally protected characteristics.