JOB DESCRIPTION

• Evaluate and ensure our organizations privacy practices comply with regulatory requirements and industry standards, including, but limited to, the EU General Data Protection Regulation (GDPR), the EU AI Act, the California Consumer Privacy Rights Act (CCPA), and the Health Insurance Portability and Accountability Act (HIPAA).
• Conduct comprehensive data protection assessments of systems, processes, and tools to ensure compliance with global data protection laws and regulations, with a particular focus on Artificial Intelligence (AI) and Machine Learning (ML) systems.
• Collaborate with cross-functional systems to understand and document system architectures, data flows, and business processes to accurately assess data protection risks, including those inherent in AI implementations.
• Partner with stakeholders across the firm to implement corrective actions and enhance data protection compliance.
• Evaluate the effectiveness of data protection measures and recommend improvements.
• Develop and maintain assessment documentation, including Data Protection Impact Assessments, findings report, and remediation recommendations, with specific attention to AI-related concerns.
• Monitor the implementation of risk mitigation strategies, including those tailored to AI systems, and track progress in resolving identified issues.
• All members of the firm are encouraged to participate in our Responsible Business program; and
• Other duties as assigned.

QUALIFICATIONS

REQUIRED SKILLS

• Familiarity with industry standards and frameworks related to data protection and privacy, including those that address AI-specific considerations (e.g., NIST, ISO, Fed Ramp).
• Familiarity with human resources practices and employment laws, including EEO and ADA guidelines
• Proficiency in requirements gathering, analysis, and recommendations development.
• Proficiency in conducting risk assessments, with experience in applying these to AI technologies.
• Strong analytical skills, with the ability to assess complex systems and business processes to identify potential security and privacy risks, particularly in the context of AI.
• Excellent interpersonal skills, with the ability to build strong relationships with peers and executives.
• Experience in effectively communicating, verbal and written, with both technical and non-technical roles.
• Demonstrated project management planning and skills; ability to break down complex problems into manageable goals.
• Experience with One Trust is preferred.
• Ability to travel to other U.S. offices, when needed.