Director of Data & AI Governance

Job DescriptionThe Director of Data & AI Governance, Risk, Compliance & Security leads the enterprise strategy and execution for governing data and AI responsibly, securely, and in compliance with global regulations. This role is accountable for establishing a unified control framework across data and AI lifecycle domains—including governance, risk management, security, privacy, and access controls—to enable trusted, compliant, and scalable use of data and AI across the enterprise.This leader partners across IT, Legal, Cybersecurity, Compliance, and Business functions to balance innovation with risk mitigation while enabling self-service analytics, AI adoption, and digital transformation.ResponsibilitiesStrategy & Operating ModelDefine and execute the enterprise Data & AI Governance, Risk, and Security strategy aligned with business and regulatory prioritiesEstablish a governance operating model and stewardship integrating governance, risk, privacy, and access control disciplinesDrive adoption of a “secure and compliant by design” framework across data platforms, AI models, and analytics solutionsData & AI GovernanceLead enterprise data governance, including data ownership, stewardship, classification, and quality standardsEstablish governance frameworks for AI/ML models, including lifecycle management, explainability, and monitoring (bias, model & Agent drift)Define and enforce policies, standards, and controls for data and AI usageRisk & ComplianceDevelop and operationalize Data & AI risk management frameworks, including Data classification and handling, model risk, data risk, and third-party riskEnsure compliance with global regulations (e.g., GDPR, ITAR, EAR, export controls, emerging AI regulations)Lead risk assessments, audits, and regulatory engagements related to data and AIEmbed governance controls into enterprise data platforms (e.g., EDW, data lakes, AI platforms)Own and drive Data & AI Audit readiness, compliance reporting, and regulatory responseSecurity, Privacy & Access ControlsDefine and implement data security and privacy architecture, including encryption, masking, tokenization, and anonymizationEstablish enterprise access control frameworks (RBAC/ABAC), aligned with classification levels and least privilege principlesPartner with Cybersecurity to ensure alignment with broader enterprise security strategyOversee data privacy programs, including consent management, data minimization, and data subject rightsAI Governance & Responsible AILead Responsible AI practices, including bias detection, fairness, transparency, and ethical use standardsEstablish approval, validation, and monitoring processes for AI models and GenAI solutionsMitigate risks such as AI model drift, hallucination, misuse, and AI whitewashingEnablement & CultureEnable self-service analytics and citizen development with appropriate guardrails and controlsDrive enterprise-wide data literacy and governance adoptionBuild strong partnerships with business and technology leaders to embed governance into daily operationsTeam LeadershipLead and scale a high-performing organization across: Data & AI Governance, Risk and Compliance, Security, Privacy and Access ControlsDefine clear roles, accountability models, and performance metricsQualificationsUS PERSONS REQUIREMENTDue to compliance with U.S. export control laws and regulations, candidate must be a U.S. person, which is defined as, a U.S. citizen, a U.S. permanent resident, or have protected status in the U.S. under asylum or refugee status.YOU MUST HAVE12+ years of experience in data governance, cybersecurity, risk, compliance, or AI governanceProven leadership experience in building and leading enterprise-scale governance or security organizationsStrong knowledge of: Data governance frameworks (e.g., DAMA-DMBOK), AI/ML governance and risk management, Data security and access control managementExperience with cloud data platforms (e.g., Snowflake, Databricks, AWS/Azure/GovCloud)Deep understanding of regulatory environments (ITAR, GDPR, CCPA, industry-specific regulations such as aerospace/defense if applicable)Strong executive communication and stakeholder management skillsWE VALUEExperience in highly regulated industries (e.g., aerospace, defense, finance, healthcare)Bachelor's Degree in Information Technology and CybersecurityFamiliarity with NIST AI Risk Management Framework, ISO 27001, SOC2Experience enabling data democratization with governance guardrailsStrong executive communication and stakeholder management skills