Senior Director, Data Governance & Privacy Operations (GRC) | Technology | Remote

About FTI Consulting

FTI Consulting is a leading global expert firm for organizations facing crisis and transformation. We collaborate with top multinational corporations, law firms, banks, and private equity firms on their most critical issues, delivering impactful solutions. You will join a focused team where you can make a real difference, working alongside leaders who have shaped history. We foster an open, collaborative culture that values diversity, recognition, and professional development.

About The Role

As a Senior Director in our in-house Service Delivery, Privacy, AI Governance & GRC team within the Technology segment, you will lead global privacy operations, third-party risk management, service delivery, and AI governance. This operational leadership role involves fostering intergroup relationships and ensuring adherence to governance, compliance, and best practices. You will collaborate closely with the Vice President, legal, sales, DPO, corporate compliance, and data center operations teams to ensure compliance with applicable regulations, laws, and industry standards. Your passion for data protection and responsible innovation will drive Privacy-by-design, AI ethics, and security embedded into our scalable operations, negotiations, commercial agreements, products, and service delivery. You will leverage your expertise in hyperscale/SaaS technology, risk management, and GRC to lead core program objectives and product solutions.

What You'll Do

• Partner with stakeholders to integrate GRC, technical, and operational provisions into customer, vendor, and partner agreements (portals, Trust, DPAs, LOEs, internal guidelines).
• Support Technology segment transformation initiatives and cross-segment programs, interacting with external counsel, FTI leadership, and clients.
• Monitor and assess data protection, Cyber, and AI regulations (e.g., GDPR, CCPA, EU AI Act) for applicability and operationalize them into workstreams.
• Exercise sound judgment to assess, communicate, and resolve risk, providing compliance guidance to the business.
• Ensure AI/Development and other Tech initiatives comply with regulations, governance principles, ISO standards, and industry best practices.
• Coordinate and perform audits and assessments (PIA, DPIA, TIA, AI impact assessment, Data Inventories) to support privacy by design and AI governance.
• Build and operationalize negotiation playbooks, risk matrices, and data maps for standardized processes and reduced escalations.
• Review and negotiate client and third-party agreements, considering compliance, cross-border transfers, and risk disposition.
• Govern risk exception handling for sales enablement and product risk acceptance, establishing standardization protocols.
• Collaborate on the administration, training, automation, and content creation for systems like Salesforce, TRUST site, TPRM (Prevalent), and AI CLM.
• Champion new technology and policy to strengthen governance and enforce ethical, secure, and compliant solution deployment.
• Evaluate advanced tools and suppliers, identifying opportunities for automation and self-service.
• Support and lead initiatives aligned with the team's GRC charter.

How You'll Grow

We are committed to your professional development through programs focused on leadership, growth, and continuous learning. Benefit from on-the-job learning, self-guided courses, certifications, and dedicated coaching. Tailored programs are available for critical professional milestones to empower your career progression.

Basic Qualifications

• Bachelor's or Master's degree in a relevant field (computer science, engineering, law, public policy).
• 5 years of experience in data governance, privacy, and/or AI governance, policy, or related fields.
• 2 years navigating, negotiating, and reviewing commercial agreements involving data protection, AI, security, cross-border data transfers, and operational service levels within large-scale cloud ecosystems (Azure, AWS, Google Cloud).
• 15+ years of total applicable work experience, with at least 10 years in information technology, information security, or operational risk management within enterprise IT, SaaS, IaaS, hyperscale, or hybrid cloud environments.
• Relevant certifications (CIPP, AIGP, CRP, CRISC, CRCM).
• Demonstrated experience synthesizing legal, regulatory, and contractual obligations into workstreams and policy.
• Demonstrated experience scaling governance programs through operating model design and measurable reporting metrics.
• Expert knowledge of domestic and global data protection regulations and security frameworks (e.g., GDPR, CCPA, CPRA, HIPAA, GLBA, NIST, ISO 27701, ISO 42001).
• Comfort navigating ambiguity in evolving initiatives.
• Authorization to work in the United States full-time.

Preferred Qualifications

• Juris Doctor or Master's in Law is strongly preferred.
• Demonstrated project management expertise.
• Familiarity with enterprise data governance platforms (e.g., OneTrust), vendor risk management systems, CLM systems (e.g., Ironclad, DocuSign), and workflow platforms (e.g., ServiceNow).
• Experience with Privacy Enhancing Technologies.
• E-discovery or legal operations subject matter expertise.

Total Wellbeing

We support your wellbeing with competitive total compensation, comprehensive benefits (medical, dental, vision, life, disability insurance), generous paid time off, 401(k) matching, flexible work arrangements, and paid parental leave. Additional benefits include family care support, a wellness platform, employee recognition, community volunteering, charitable matching, and professional development programs. Enjoy office perks like free snacks, drinks, a smartphone plan, and discounts.

Key skills/competency

• Data Governance
• Privacy Operations
• AI Governance
• GRC
• Risk Management
• Regulatory Compliance
• Contract Negotiation
• Cloud Security
• Policy Development
• Stakeholder Management