Principal, Cybersecurity & AI GRC
Job Description
Panda Restaurant Group offers a hybrid work arrangement in Rosemead, CA, with a salary range of USD 157,000 - 220,000 per year. This strategic role enables AI driven innovation while ensuring alignment with Panda’s values, regulatory obligations, and business objectives. You’ll join a team that prioritizes digital trust, privacy, and enterprise risk management, with opportunities for growth and collaboration across functions.
Benefits and culture
- Hybrid Work schedule
- 401K with company match
- Yearly bonus opportunity*
- Full medical, dental, and vision insurance *
- On-site fitness center, biometric screen, and flu shot clinic
- Discounts at Panda restaurants, theme parks, and gym memberships
- Paid time off starting at 15 days with 7 federal holidays*
- Continuous education assistance and scholarships*
- Income protection including Disability, Life and AD&D insurance*
- Bereavement leave*
- Benefits available for eligible permanent full time associates
Responsibilities
- Develops and refines the enterprise digital trust and AI enablement strategy, operating model, and governance; guides senior leadership on AI risk, privacy posture, and tradeoffs in business terms
- Creates policies and standards for responsible AI, privacy, data usage, transparency, and human oversight
- Integrates AI risk, privacy, and compliance into the organization’s GRC and risk management programs
- Establishes risk classifications, approval workflows, and lifecycle governance for AI and digital capabilities
- Clarifies decision ownership, escalation paths, and risk tolerance frameworks across the enterprise
- Leads enablement for high-risk, high-impact AI, data, and digital initiatives
- Provides Product, Engineering, Analytics, and Business teams with clear, practical guidance
- Defines and manages risk acceptance, exception handling, and escalation processes for AI and technology risk
- Collaborates with Legal and Privacy to operationalize regulatory requirements affecting AI, data, and automation
- Shapes platform, vendor, and tooling strategy related to AI capabilities and embedded AI features
- Represents digital trust, AI, and privacy enablement in enterprise architecture, risk, and investment discussions
Requirements
- Bachelor’s degree in Computer Science, Business, or an IT-related discipline
- At least seven years of experience in GRC, privacy, security, enterprise risk, or technology enablement with progressive management responsibilities; includes leading enterprise/security risk assessments, control design/testing, policy and standards development, TPRM programs, regulatory readiness programs, AI governance program design and implementation, and experience with AI governance and compliance frameworks (NIST AI RMF, EU AI Act, ISO 42001), including AI risk
- Proven expertise implementing and operationalizing cybersecurity frameworks and control programs: NIST CSF, NIST 800-53, ISO 27001/27002, CIS, NIST AI RMF, ISO 42001
- Successful completion of initial and periodic trainings
- Must obtain a valid Food Handler's Card within 30 days of employment
Technologies
- NIST CSF
- NIST 800-53
- ISO 27001/27002
- CIS
- NIST AI RMF
- ISO 42001
Similar Jobs
J