AI Governance Analyst

Everpure•Lehi, UT

18h•Onsite

About The Position

As an AI Governance Analyst within Everpure’s Global Information Security Office (GISO), you will be the primary guardian of our safe and innovative AI adoption. You’ll bridge the gap between cutting-edge technology and enterprise safety by managing the end-to-end lifecycle of AI tooling requests and risk assessments. Partnering closely with Legal, Privacy, and Engineering, you ensure our teams move fast while remaining within our security guardrails. Your mission is to transform governance from a "no" to a "how-to" for the entire organization.

Requirements

Security & AI Domain Expertise: A strong professional background in information security, risk management, or data governance within a SaaS environment, paired with a functional understanding of Large Language Models (LLMs) and their associated security risks.
Analytical Framework Proficiency: Proven ability to apply security and privacy frameworks (such as NIST, ISO 27001, or SOC 2) to evaluate third-party AI vendors and internal data flows for potential vulnerabilities.
Strategic Communication & Partnership: Exceptional ability to distill complex policy into clear, persuasive communications for diverse stakeholders, demonstrating a partnership-first mindset that enables business units to achieve their goals safely.
Organizational Agility: Exceptional program management skills with the capacity to prioritize high-volume requests and maintain meticulous documentation in a fast-paced, rapidly evolving regulatory and technological landscape.

Nice To Haves

A blend of technical and policy expertise, including experience with AI governance frameworks (e.g., EU AI Act, sectoral AI, or data protection guidance) and SaaS risk assessments. Working knowledge of DLP/CASB tools and a passion for building security awareness content that empowers teams to innovate safely.

Responsibilities

Accelerate Secure Innovation: Manage the end-to-end intake and risk assessment lifecycle for new AI tools and use cases, ensuring every service deployed on the Everpure Platform aligns with our security, privacy, and data handling standards.
Proactive Risk Management: Safeguard the enterprise by identifying and remediating unapproved AI usage through proactive monitoring and stakeholder collaboration, successfully converting "shadow AI" into governed, secure business assets.
Global Enablement & Literacy: Drive organizational AI literacy by developing self-service documentation, FAQs, and high-impact training programs that translate complex security requirements into actionable guidance for both technical and non-technical teams.
Operational Excellence: Optimize the AI Governance program’s efficiency by maintaining a comprehensive inventory of approved vendors and tracking key performance indicators—such as time-to-approval and exception trends—to drive continuous process improvement.