AI Security Analyst
IndiaJob Description
Key Skills Required
Master these to land this role
Want to know if you're a match for this job?
About the Role
We are building an AI Security and Governance capability and need an AI Security Analyst to be the front line for detecting, investigating, and containing risk across every AI tool, agent, and model touching AlphaSense's environment.
You will monitor enterprise AI usage end to end, hunt for unauthorized ("shadow") AI and rogue agent activity, and turn raw AI telemetry into triaged findings the security and governance team can act on. Working alongside the Automation Engineer, Data Analyst, and Director, you will be a primary contributor to the evidence base underpinning our ISO 42001 certification and our broader AI risk posture.
Key Responsibilities
- AI Tool Discovery & Shadow AI Monitoring: Continuously monitor CASB/SWG, OAuth, and endpoint telemetry to discover unsanctioned AI tools, browser extensions, and API-level agents in use across the business. Classify findings by risk tier and escalate unauthorized deployments for containment.
- Rogue Agent Detection & Investigation: Investigate alerts related to autonomous agents and AI-powered workflows (e.g., anomalous tool chains, unexpected data access, credential misuse) including threats such as OpenClaw and similar agent-based attack patterns. Document findings and drive remediation with the Automation Engineer and Identity teams.
- AI Data Exfiltration Detection & DLP: Monitor DLP and AI usage logs for signs of sensitive data leaving the environment through AI tools (prompts, uploads, plugins, MCP connectors). Tune detection rules and validate that AI-specific DLP controls are operating as designed.
- Developer AI Tool Governance: Monitor usage of developer-facing AI tools (GitHub Copilot, Claude Code, Codex, and similar) for policy compliance, credential exposure, and non-human identity risk. Partner with Engineering to ensure code-assist and agentic dev tools operate within approved guardrails.
- AI Logging, Retention & Audit Support: Maintain and validate AI activity logging and data retention controls to ensure auditability. Assemble and organize evidence supporting ISO 42001 audits, EU AI Act readiness, and internal AI impact assessments.
- Detection Tuning & Continuous Improvement: Analyze false positive/negative trends across AI security detections and recommend threshold and logic adjustments. Feed recurring patterns into the Automation Engineer's playbook backlog.
- Cross-functional Collaboration: Partner with Security Operations, Identity, Legal, and AI/ML Engineering to align findings with existing incident response processes, and support the Director in preparing risk findings for governance council and executive reporting.
Who You Are
Basic Requirements
- 3-5+ years in security analysis, SOC, or GRC analyst roles
- Working knowledge of SIEM platforms (Splunk, Microsoft Sentinel, Google Chronicle) and DLP/CASB tooling
- Understanding of AI/LLM risk concepts: prompt injection, data exfiltration via AI tools, model/agent misuse, shadow AI
- Familiarity with non-human identity concepts (service accounts, API keys, OAuth tokens) and their security challenges
- Understanding of threat detection logic (MITRE ATT&CK; exposure to MITRE ATLAS or OWASP LLM Top 10 a plus)
- Comfortable reading and interpreting logs, API telemetry, and structured/unstructured investigation data Basic scripting or query proficiency (Python, SQL, or SPL/KQL) for investigation and reporting
- Strong written documentation habits
- Ability to translate technical findings into clear, risk-based narratives Familiarity with cloud environments (AWS, Azure, or GCP)
How would you rate this job post?
See what other professionals think about this role.
Safety First
- Never pay for a job application.
- Do not share sensitive bank info.
- Verify the client before starting work.