Data Platforms and AI Access Control Lead

Role Purpose 

The Data Platform & AI Access Control Lead is responsible for ensuring the secure, compliant, and responsible usage of organizational data and AI systems. They bridge the gap between AI engineering, information security, and governance by defining permissions for both human users, Functional Accounts, Service Principles and autonomous AI agents across modern Data Platforms, Analytics ecosystems, AI/ML solutions, and Generative AI environments. 

This role will be responsible for establishing secure and compliant Data & AI Access ecosystems by integrating IAM, governance, privacy, risk management, and regulatory compliance into Data Platforms and AI Operations. 

The ideal candidate will possess deep expertise in Access Management practices in cloud-native data, AI platforms, AI/GenAI security, Role Based Access Control methodologies, regulatory compliance frameworks, and secure engineering practices. 

The role requires strong collaboration across Data & AI Platform Engineering, IT, Security, Legal, and AI Engineering teams (data science/DevOps/Machine Learning Engineering) to ensure secure, compliant and resilient access control management across Data & AI environments 

Key responsibilities: 

Data & AI Platforms Identity & Access Management Governance 

• Entity Permissions: Define and manage access rights for both human employees and non-human entities (e.g., AI agents, MLOps pipelines, service accounts). 

• Access Control Matrix: Develop and maintain Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) matrices to dictate who (or what) can read, write, modify, or execute datasets and models. 

• Principle of Least Privilege: Enforce minimum-necessary access to limit the blast radius ofdata exposure and internal threats 

• Access Architecture: Design end-to-end authorization frameworks enforcing least-privilege and Attribute-Based Access Control (ABAC) across Azure data estates 

• IDAM Tools Integration: Manage integrations between IDAM Tools like Microsoft Entra ID (Azure AD), SailPoint, Octa etc and data platforms (Azure Data Lakes, Azure Synapse, Fabric, and Databricks, and AI/ML Platforms). 

• Lifecycle Management: Automate access provisioning, role mapping, and de-provisioning workflows for clinical, research, and business users. 

• Define, monitor & track Access Controls, risk metrics & KPIs against Data Access Management Policies. 

• Identify and mitigate Data & AI-Specific access risks including Data Leakage, Unauthorized Data Exposure, etc. 

• Maintain enterprise Access Management policies, standards, and control frameworks 

• Ensure Secure access to enterprise data ecosystems including but not limited to: Data Lakes, Data Warehouses, ETL/ELT Pipelines, Analytics Platforms, Data APIs, Gen AI Applications and Services.  

• Ensure implementation of secure data access, encryption, masking, retention, and governance controls across Data Engineering & MLOps pipelines. 

• Conduct Data Access (IDAM) Compliance & Data Security Assessment: Microsoft Fabric, Azure Data Services, Databricks, Snowflake, enterprise Data & AI platforms and Applications by conducting Monthly, Quarterly & Half-Yearly and Yearly Access assessment Audits 

• Maintain SOPs, Runbooks and Knowledge Repositories. 

• Maintain risk registers and access governance reporting mechanisms. 

• Support investigations and Perform root cause analysis related to Data & AI platform access violation incidents. 

• Collaborate with Business users, Application Owners, IAM teams to ensure enterprise IDAM policies implemented across Data & AI platforms.  

• Closely working with AI Governance & Responsible AI central teams to align with enterprise policies and regulatory expectations. 

• Implement automated compliance reporting and logging to audit how Data & AI models interact with sensitive corporate and customer data. 

• Lead Compliance Initiatives aligned with ISO 27001, SOC2, GDPR, PCI-DSS, HIPPA, DPDP and AI Governance Frameworks. 

• Coordinate audits, assessments, and evidence management activities. 

• Partner with Legal, Privacy, Risk, and Audit teams to ensure regulatory adherence. 

• Contribute directly to hands‑on capacity to Gen AI Operations troubleshooting, and optimisation. 

Leadership & Stakeholder Engagement 

• Cross-Functional Liaison: Serve as the primary connector bridging Data Science/AI Engineering teams with Legal, Privacy, and Cybersecurity departments. 

• Strong collaboration with Data & AI Operations Lead, Data & AI Security Compliance lead to ensure alignment among all services towers 

• Mentor Data Engineering, Access and Operations professionals. 

• Lead awareness and training programs related to Data & AI Access Management best practices. 

• Escalate and remove blockers in a complex, matrix organisation, engaging senior stakeholders as required. 

• Act as the primary point of contact for Data & AI Platform Access Management Programs. 

• Drive user adoption, service awareness, training coordination, and feedback management. 

• Ensure Timely Communication to stakeholders during Access Control Shortfalls, High Impact Incidents and Changes.  

• Support AI Governance and Responsible AI processes through engagement with Architecture Review Boards and AI/ML Architects  

• Ensuring close alignment to internal & external regulatory and compliance requirements, Access Governance & Data Lifecycle Audits with no critical or high findings or violation against them. 

Key Skills: 

• Identity & Access Management 

• AI & GenAI Data Security 

• Access Compliance & Governance 

• Data Platform & Cloud Security 

• Access Risk Management 

• Regulatory Compliance 

• Security, Risk and Compliance Audit Management 

• Stakeholder Management 

Qualifications & Experience: 

• Bachelor’s or master’s degree in Cybersecurity, Computer Science, Information Systems or related field. 

• 10+ Years of experience in: 

• Identity & Access Management 

• Enterprise Data Security 

• Compliance and Governance 

• Proven track record of enterprise IAM and IDAM policies. 

• Strong understanding of SSO, Tokenized Access, PAM (privileged access Management)  

• Knowledge of at least one IDAM / IAM tool wiz Okta, Sailpoint, Cyberarc, Microsoft Entra ID etc 

• Strong experience in representing the organization to Internal and External Access Management, Risk and Compliance Audits.  

• Strong Experience with Enterprise Data, AI and Analytics Ecosystem 

• Hands On Experience with Data Platforms, AI/ML or Generative AI Security.  

• Knowledge of DevSecOps, MLOps, CI/CD, API security, and container security. 

• Deep understanding of cloud platforms (Azure, AWS, Google Cloud) 

• Strong strategic and operational leadership skills. 

• Excellent communication and executive presentation abilities. 

• Ability to influence global cross-functional teams.  

• Strong analytical and problem-solving capabilities. 

• Passion for emerging technologies, cybersecurity innovation, and responsible AI governance.