Senior Director, Data Governance & Privacy Operations (GRC) | Technology | Remot

About The Role

The Senior Director works as a member of our in‑house Service Delivery, Privacy, AI Governance & GRC team within the Technology segment of FTI Consulting. In this operational leadership (non‑consulting) position, you will foster inter‑group relationships while ensuring governance, compliance, and best practices. You help lead global privacy operations, third‑party risk management, service delivery and AI governance within the Technology segment by working closely with the Vice President, legal, sales, DPO, corporate compliance, and data center operations teams to ensure compliance with applicable regulations, laws and industry standards. With your passion for data protection and responsible innovation, you will champion governance and risk management initiatives to ensure Privacy‑by‑design, AI ethics, & security remain embedded into scalable operations, negotiations, content, commercial agreements, products and the delivery of services. You will lead and drive core program objectives and product solutions by leveraging your knowledge of hyperscale/SaaS technology and risk management with technical, GRC and legal acumen.

What You’ll Do

• Partner with various stakeholders to ensure appropriate GRC, technical and operational provisions are incorporated into customer, vendor, partner and other GTM content including portals, Trust, DPAs, LOEs, internal guidelines, etc.
• Support Technology segment transformation initiatives including cross‑segment programs such as scalable IT; role will interact with external counsel, FTI’s senior leadership and clients.
• Proactively horizon scan/monitor data protection, Cyber and AI regulations/ standards (e.g., GDPR, CCPA, EU AI Act, EU AI pact, DORA, etc.); assess regulations for applicability to context, FTI’s solutions and operationalize into various workstreams where needed.
• Exercise sound judgment to effectively assess, communicate, balance and resolve risk in the provision of compliance guidance to the business.
• Ensure AI/ Development and other Tech initiatives or products comply with regulations, governance principles, ISO standards and industry best practices.
• Partner with teams and data stewards to coordinate and perform various audits and assessments (PIA, DPIA, TIA, AI impact assessment, Data Inventories, etc.) as needed to support privacy by design and AI governance principles, drive operational accountability and ensure ongoing compliance and risk management; maintain risk registers and risk matrices to support PIMS, etc.
• Build and operationalize negotiation playbooks, risk matrices, data maps, and standardized artifacts that enable self‑service and reduce ad‑hoc escalations.
• Review and negotiate both client and third‑party agreements accounting for compliance and alignment with standard positions, cross‑border transfers in order to enable product/solution delivery and client engagements; evaluate third parties’ compliance and risk disposition as required.
• Govern risk exception handling for sales enablement & product risk acceptance, establishing standardization (90%) and exception (10%) protocols.
• Collaborate on administration, training, areas of automation, create content, and provide support of various systems: Salesforce, TRUST site, TPRM system (Prevalent) and AI CLM.
• Champion and evangelize new technology and policy as needed to further strengthen governance and enforce policies and frameworks that ensure ethical, secure, and compliant solution deployment. Proactively evaluate advanced tools, suppliers and continuously evaluate opportunities for automation or self‑service.
• Support and lead initiatives as required under the team’s GRC charter.

What You Will Need To Succeed

Basic Qualifications

• Bachelor’s or Master’s degree in a relevant field, such as computer science, engineering, law or public policy.
• 5 years of experience in data governance, privacy and/or AI governance, policy, or related fields.
• 2 years navigating, negotiating, and reviewing commercial agreements involving complex data protection, AI terms, information technology and security schedules, cross‑border data transfers and operational service levels, technical requirements within large‑scale cloud ecosystems (Azure, AWS, Google Cloud, etc.).
• 15 or more years of total applicable work experience with at least 10 of those years in information technology, information security and/or operational risk management in the context of enterprise IT systems and specifically, SaaS, IaaS, hyperscale or hybrid cloud environments.
• Any of the following certifications: Certified Information Privacy Professional (CIPP), Artificial Intelligence Governance Professional (AIGP), Certified Risk Professional (CRP), CRISC (Certified in Risk and Information Systems Control), or Certified Regulatory Compliance Manager (CRCM).
• Demonstrated experience synthesizing legal, regulatory, and contractual obligations into workstreams and related policy.
• Demonstrated experience scaling governance programs through operating model design (intake, triage, playbooks, automation) and measurable reporting metrics (KPIs).
• Expert knowledge of domestic and global data protection regulations and security frameworks regulations (such as GDPR, CCPA, CPRA, HIPAA, GLBA, NIST, ISO 27701, ISO 42001, etc.) and applying them in a complex technology environments.
• Comfort navigating ambiguity in evolving initiatives where scope, tooling, and processes are still being defined.
• Applicants must be currently authorized to work in the United States on a full‑time basis; this position does not provide visa sponsorship.

Preferred Qualifications

• Juris Doctor or Master’s in Law strongly preferred. While this position will not be acting as legal counsel for FTI, in‑depth demonstrative legal acumen is required.
• Demonstrated project management expertise.
• Familiarity and ideally, previous experience with at least one major data governance enterprise platform (i.e., One Trust), vendor risk management system, a Contract Lifecycle Management system (i.e. Ironclad, DocuSign, Conga, Luminance, etc.), and ServiceNow or similar workflow/intake platforms is a plus.
• Experience with Privacy Enhancing Technologies.
• E‑discovery or legal operations subject matter expertise.

Benefits

• Competitive total compensation, including bonus earning potential.
• Full package of benefits plans, including medical, dental and vision coverage along with life and disability insurance.
• Generous paid time off and holidays.
• Company matched 401(k) retirement savings plan.
• Potential for flexible work arrangements.
• Generous paid parental leave with available planning tools, virtual expert coaching services and flex return support.
• Family care benefits, including back‑up child/elder care.
• Employee wellness platform.
• Employee recognition programs.
• Paid time off for volunteering in your community.
• Corporate matching for charitable donations most important to you.
• Make an impact in our communities through company‑sponsored pro bono work.
• Professional development and certification programs.
• Free in‑office snacks and drinks.
• Free smartphone and cellular plan (if applicable).
• FTI Perks & Discounts at retailers and businesses.
• Upscale offices close to public transportation.

Equal Opportunity Employer

FTI Consulting is an equal opportunity employer and does not discriminate on the basis of race, color, national origin, ancestry, citizenship status, protected veteran status, religion, physical or mental disability, marital status, sex, sexual orientation, gender identity or expression, age, or any other basis protected by law, ordinance, or regulation.

Compensation Disclosure

The compensation range reflects potential base salary for the role. Actual compensation is determined based on a wide array of relevant factors including market considerations, business needs and an individual’s location, skills, level of experience and qualifications.

Compensation

• Minimum Pay: 116,500
• Maximum Pay: 256,000

#J-18808-Ljbffr