Cybersecurity AI Risk and Governance Director, Global

Vantage Data Centers powers, cools, protects and connects the technology of the world's well-known hyperscalers, cloud providers and large enterprises. Developing and operating across North America, EMEA and Asia Pacific, Vantage has evolved data center design in innovative ways to deliver dramatic gains in reliability, efficiency and sustainability in flexible environments that can scale as quickly as the market demands.

Cybersecurity Department

The AI Cybersecurity Director is responsible for the technical security, risk management, and governance enforcement of artificial intelligence (AI), machine learning (ML), and large language model (LLM) systems deployed across Vantage Data Centers' operational, OT, and enterprise environments.

This role serves as the technical and security authority for AI security, ensuring AI systems are architected, deployed, and operated with appropriate controls for data protection, model integrity, access governance, monitoring, and humanintheloop decision enforcement. The AI Cybersecurity Manager ensures AI technologies deliver business value without introducing unacceptable cyber, operational, safety, workforce, or regulatory risk, in alignment with the Global Policies and Standards.

This role is based in Denver, CO or Ashburn, VA. In alignment with our flexible work policy (3 days on site required, 2 days flexible).

Essential Functions

• Establish enterprise governance for detection, classification, and management of unauthorized (shadow) AI across business units, in coordination with centralized AI functions.

• Define and enforce security architecture standards for AI, ML, and LLM platforms across cloud, hybrid, onprem, and OTadjacent environments.

• Provide security design oversight and approval for AI systems, including data pipelines, model hosting, inference paths, APIs, and integrations.

• Define enterprise methodology for AI security assessment covering architecture, design, and implementation across applications, agents, and workflows.

• Ensure AI architectures enforce segmentation, least privilege, deterministic behavior, and failsafe operation, particularly where OT or critical infrastructure data is involved.

• Establish AIspecific incident response playbooks and lead response to AIrelated security, safety, or governance incidents.

• Enforce controls preventing unauthorized model retraining, autonomous learning, or use of live production or OT data outside approved intent.

• Define security requirements for explainability, traceability, and output validation where AI influences operational, workforce, safety, or compliance outcomes.

• Drive alignment with ISO 42001 and related AI governance standards across applicable teams.

AI Data Protection and Trust Boundaries

• Enforce protections against prompt injection, data leakage, hallucination risk, unauthorized context expansion, and external model training exposure.

• Ensure sensitive enterprise, operational, personnel, and contractual data is not exposed to or retained by external AI platforms without approved safeguards.

• Approve and oversee AI data ingestion pipelines, enforcing purpose limitation, data minimization, and classification requirements.

• Validate encryption, access logging, retention, and deletion controls for data used by AI systems.

• Define and enforce controls preventing crossdomain data correlation that violates trust boundaries or governance constraints.

AI Threat, Risk, and Monitoring Management

• Perform AIspecific threat modeling, including risks such as data poisoning, model theft, inference abuse, output manipulation, and decision integrity compromise.

• Integrate AI threats into enterprise cybersecurity and OT risk models, including definition of compensating controls and escalation for systems exceeding risk tolerance.

• Own and maintain the AI risk register covering confidentiality, integrity, availability, explainability, data quality, model drift, adversarial attacks, and business impact.

• Ensure AI systems generate telemetry, logging, and audit trails sufficient to detect misuse, drift, or anomalous behavior.

• Integrate AI security monitoring into SOC, SIEM, and enterprise incident response workflows.

OT and Critical Infrastructure Safeguards

• Enforce prohibitions on autonomous AI control of OT assets, including power, cooling, BMS, fire suppression, and physical access systems.

• Validate oneway data flows, readonly access models, and manual override requirements where AI consumes OT telemetry.

• Partner with OT and infrastructure teams to ensure AI enhances visibility and decision support without compromising safety, reliability, or uptime.

• Oversee security reviews of vendorprovided and embedded AI capabilities, including model behavior, data handling, and contractual protections.

• Define and enforce minimum security and governance requirements for AI vendors, including audit rights and termination conditions.

Required Qualifications

• Bachelor's degree in Cybersecurity, Computer Science, Data Science, Engineering, or related field, or equivalent experience.

• Minimum 10+ years of experience in cybersecurity, security architecture, or risk engineering roles.

• Handson experience securing data pipelines, APIs, cloud platforms, and analytics or MLenabled systems.

• Strong understanding of identity, access management, encryption, logging, and secure system design.

Preferred Qualifications

• Direct experience securing AI/ML platforms, LLMs, or analytics pipelines.

• Experience with cloud security (Azure, AWS, GCP) and SaaSbased AI platforms.

• Familiarity with OT, critical infrastructure, or safetycritical environments.

• Security certifications such as CISSP, CCSP, CISM, or cloud security certifications.

Key Skills & Competencies

• AI and machine learning security

• LLM and generative AI risk management

• Security architecture and threat modeling

• Data protection and access governance

• Incident response and forensic analysis

• Crossfunctional technical leadership

Physical Demands and Special Requirements

We operate with No Ego and No Arrogance. We work to build each other up and support one another, appreciating each other's strengths and respecting each other's weaknesses. We find joy in our work and each other, actively seeking opportunities to inject fun into what we do. Our hard and efficient work is rewarded with an above market total compensation package. We offer a comprehensive suite of health and welfare, retirement, and paid leave benefits exceeding local expectations.

Additional Details

• Salary Range: $200-$220K Base + Bonus (this range is based on Colorado market data and may vary in other locations)

• This position is eligible for company benefits including but not limited to medical, dental, and vision coverage, life and AD&D, short and long-term disability coverage, paid time off, employee assistance, participation in a 401k program that includes company match, and many other additional voluntary benefits.

• Compensation for the role will depend on a number of factors, including your qualifications, skills, competencies, and experience and may fall outside of the range shown.

#LI-DS3

#LI-Hybrid

We operate with No Ego and No Arrogance. We work to build each other up and support one another, appreciating each other's strengths and respecting each other's weaknesses. We find joy in our work and each other, actively seeking opportunities to inject fun into what we do. Our hard and efficient work is rewarded with an above market total compensation package. We offer a comprehensive suite of health and welfare, retirement, and paid leave benefits exceeding local expectations.

Throughout the year, the advantage of being part of the Vantage team is evident with an array of benefits, recognition, training and development, and the knowledge that your contribution adds value to the company and our community.

Don't meet all the requirements? Please still apply if you think you are the right person for the position. We are always keen to speak to people who connect with our mission and values.

Vantage Data Centers is an Equal Opportunity Employer

Vantage Data Centers does not accept unsolicited resumes from search firm agencies. Fees will not be paid in the event a candidate submitted by a recruiter without an agreement in place is hired; such resumes will be deemed the sole property of Vantage Data Centers.