Principal AI Security Auditor – Compliance | Pune, Mumbai or Hyderabad

About the team:
The global Governance, Risk and Assurance team is responsible for reviewing compliance with AI control frameworks, policies and procedures. The team is part of the wider Cybersecurity Engineering and Assurance team.
In this role, you will execute several of our compliance programs across our different product lines and processes, in very close coordination with Privacy, Engineering, Cloud Operations, Product teams and strongly contributing to our AI Management System

In this role you will
Set up and run AI compliance programs
Perform internal compliance audits
Contribute to the AI compliance strategy
Contribute to vendor and third-party management
Contribute to global business impact assessments and risk assessment programs
Work closely with the global Security and Compliance, Privacy, Engineering, and Products team
Interface and partner with cross functional leaders from Privacy, Product, Legal, Engineering, Cloud Operations, IT and other functions on designing effective controls to improve AI compliance and manage risk
Identify business, AI, privacy, cybersecurity and technology risks, evaluate internal controls to treat risks, and develop opportunities to continuously improve internal controls
Work with control owners to ensure control objectives and activities meet compliance standards for effectiveness and evidence, and ensuring operational efficiencies
Work with Cornerstone’s external audit partners and cross functional teams to schedule appropriate internal audit testing and/or risk assessments
Recommend updates to AI, privacy and security policies, standards and procedures to address new industry practices, requirements and standards based on security and compliance requirements

You’ve got what it takes if you have
Degree in Information Technology, Computer Science, or related fields
Alternatively, legal or relate degree with strong IT and compliance knowledge
7 to 10 years total experience
5+ years in IT or privacy certifications compliance program management (ISO 27001, 27701), or AI compliance (ideally with ISO 42001 or NITS AI RMF)
3-4 years in project and process management and improvement
3-4 years in multi-country/global Information Technology organization (preferably SaaS)
Knowledge, understanding and appetite for Responsible AI and Privacy
Experience on third-party compliance management processes
Experienced in metrics, maintaining dashboards and executive reporting
Adequate knowledge of AI technology and AI challenges
Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism
Excellent data analysis, documentation and articulation skills
Excellent communication, presentation and collaboration skills
Excellent English language skills (written and oral)

#LI-Hybrid