As a member of our Data Protection & AI Governance Team, you will work at the intersection of data protection, regulatory compliance, and the rapidly evolving field of AI [ethics and governance. From implementing privacy-by-design principles to advising on global and industry-specific regulatory frameworks like NIST AI RMF, OECD AI principles, ISO standards (ISO 23894, ISO 42001), and insurance-specific regulations, you'll contribute to building robust strategies that shape our clients' futures.
We need your expertise to tackle challenges posed by automated decision-making, emerging US state privacy laws, and insurance industry-specific security and data protection considerations. If you're passionate about protecting data, driving ethical AI, and delivering measurable business value, we want to hear from you.
What You’ll Get To Do
- Collaborate and Lead: Guide clients in defining and implementing data protection and AI governance strategies aligned with business objectives and regulatory requirements, including NAIC Model Laws and state insurance regulations.
- Regulatory Expertise: Monitor and interpret developments in global and industry-specific AI and data privacy regulations (e.g., US state privacy laws, CPRA, GDPR) and their implications on automated decision-making and insurance practices.
- Program Assessment: Identify risks and gaps in client programs, from sensitive data handling to AI governance, with a focus on addressing insurance-specific data protection and compliance needs.
- Framework Application: Leverage frameworks like NIST AI RMF, OECD principles, and ISO standards alongside insurance-specific security and privacy requirements to create comprehensive governance models.
- Process Design: Draft policies and workflows that integrate privacy-by-design principles into AI and data governance strategies while addressing unique considerations in the insurance sector.
- Technology Enablement: Collaborate with technical teams to design and implement solutions that automate and scale data protection and AI governance activities, ensuring alignment with insurance regulatory and security requirements.
- Thought Leadership: Develop and present insights on the evolving landscape of AI risk management, data privacy, and insurance regulations, supporting clients' journeys to compliance and innovation.
What You’ll Bring With You
- 7+ years of experience of AI governance frameworks (e.g., NIST AI RMF, OECD AI principles, ISO 23894, ISO 42001) and insurance industry standards such as NAIC Model Laws and state insurance regulations.
- Familiarity with operational privacy-by-design practices and their application to AI systems within regulated industries like insurance.
- Awareness of US state privacy laws, particularly those impacting the "right to opt out" of automated decision-making, and their implications for insurance products and services.
- Practical experience in implementing IT and Information Security initiatives with a focus on data protection in regulated environments.
- Strong project management skills with a collaborative and servant-leader mentality.
- Familiarity with cloud platforms (AWS, Azure, Google Cloud) and data management tools (e.g., BigID, Collibra, OneTrust).
- Ability to synthesize technical and regulatory insights into actionable business strategies, particularly for insurance clients.
- Preferred certifications: CIPP, CIPM, CDPSE, CIPT, CISSP, or equivalent.
