Jobs · Information Technology · California

Senior Information Security Analyst, GRC/Responsible AI

Sandisk · Irvine, CA · 4 days ago
Information TechnologyFull-time

About the role

This position requires five days per week on-site at either the Milpitas or Irvine office.

Responsibilities

  • Drive security intake, risk assessment, and ongoing oversight of enterprise AI use cases, platforms, models, and third-party vendors.
  • Lead technical risk assessments and threat modeling covering data protection, identity and access, integration patterns, model and agent behavior, and emerging AI attack surfaces.
  • Design and recommend practical, scalable controls aligned with enterprise security standards and secure-by-design principles.
  • Partner with Legal, Privacy, Procurement, IT, Engineering, and business stakeholders to advance regulatory, contractual, and governance objectives related to AI.
  • Shape AI governance policies, standards, and operating procedures, and prepare materials for governance reviews.
  • Help build the end-to-end operating model for securing AI, from intake through approval and monitoring.
  • Apply program and system-level thinking across functions to drive consistency and scale.
  • Anticipate emerging AI risks and recommend adjustments to controls, processes, and standards.
  • Conduct technical and business process risk assessments and document treatment recommendations.
  • Support internal and external audits with metrics, evidence, and analysis, and drive remediation activities.

Qualifications

  • Bachelor's degree in information security, Computer Science, Engineering, or a related discipline, or equivalent experience.
  • 6+ years of progressive experience in Information Security, including exposure to GRC, risk management, or security governance in a complex enterprise environment.
  • Demonstrated technical proficiency in security, including hands-on experience with threat modeling, technical risk assessment, or security architecture reviews.
  • Practical understanding of AI and generative AI technologies and associated risks, including data protection, access management, model misuse, and supply chain considerations.
  • Familiarity with AI governance standards such as NIST AI RMF and ISO/IEC 42001.

Preferred Background

  • Experience in software development, security engineering, application security, cloud security, or security architecture.
  • Familiarity with secure development practices, secure-by-design principles, and modern engineering environments such as cloud, APIs, containers, and CI/CD pipelines.
  • Experience applying threat modeling methodologies (such as STRIDE, PASTA, or attack tree analysis) to enterprise systems or AI workloads.
  • Professional certifications such as CISSP, CISM, CRISC, or GSNA.
  • Technical security certifications such as GCIH, GPEN, CEH, OSCP, GWAPT, or CSSLP.
  • Hands-on experience with AI, ML, or generative AI in a security, risk, engineering, or architecture capacity.
  • Exposure to emerging AI integration patterns, agentic systems, or AI red teaming.

Additional Information

Sandisk is committed to providing equal opportunities to all applicants and employees and will not discriminate against any applicant or employee based on their race, color, ancestry, religion (including religious dress and grooming standards), sex (including pregnancy, childbirth or related medical conditions, breastfeeding or related medical conditions), gender (including a person’s gender identity, gender expression, and gender-related appearance and behavior, whether or not stereotypically associated with the person’s assigned sex at birth), age, national origin, sexual orientation, medical condition, marital status (including domestic partnership status), physical disability, mental disability, medical condition, genetic information, protected medical and family care leave, Civil Air Patrol status, military and veteran status, or other legally protected characteristics. We also prohibit harassment of any individual on any of the characteristics listed above. Our non-discrimination policy applies to all aspects of employment. We comply with the laws and regulations set forth in the "Know Your Rights: Workplace Discrimination is Illegal” poster. Our pay transparency policy is available here.

Similar jobs

Senior AI Security Engineer

RelativityIllinois, United States· Yesterday
Information Technology$130k–$195k/yrapply on kcura.wd1.myworkdayjobs.com