Logo FTI Consulting

Director, Privacy Operations & Data Governance

Job

  • Level
    Lead
  • Job Field
    IT, Project, Security
  • Employment Type
    Full Time
  • Contract Type
    Permanent employment
  • Location
    Frankfurt
  • Working Model
    Hybrid, Onsite
  • Job Summary

    In this role, you will lead privacy operations, promote governance and risk management initiatives, and develop standards to ensure compliance with global regulations across various projects.

    Job Technologies

    Your role in the team

    • In this role, you will work as a Director in our Service Delivery, Privacy, AI Governance & GRC team within the Technology segment.
    • In this operational leadership position (not a consulting role), you support global Data Privacy Operations, Third Party Risk Management, Service Delivery, as well as AI Governance across the entire Technology segment.
    • This is carried out in close collaboration with the Vice President as well as the teams from Legal, Sales, DPO, Security, Architecture/Engineering, and Data Center Operations to ensure compliance with applicable regulations, laws, and industry standards.
    • This role supports governance, contracting, and operational readiness initiatives focused on EMEA/APAC and promotes governance and risk management initiatives to ensure that Privacy by Design, Responsible AI, and Security are firmly embedded in scalable operations, negotiations, content, commercial agreements, products, and service delivery.
    • Collaboration with cross-functional stakeholders to embed GRC & AI governance policies into client, supplier, partner, and other GTM content, including portals, trust materials, DPAs, and LOEs.
    • Development and maintenance of standard positions, playbooks, and reusable governance artifacts.
    • This role requires strong legal and regulatory knowledge but does not serve as Legal Counsel. When questions arise that involve legal interpretation or technical validation, it works closely with internal Legal Counsels, Data Protection Officers, as well as security and technical stakeholders.
    • Review and negotiation of customer and third-party contracts - including cross-border transfer mechanisms (SCCs, DPF, Impact Assessments) - as well as managing risk exception handling through standardization and exception protocols.
    • Proactive monitoring of global data protection, cyber, and AI regulations (e.g., GDPR, CCPA, EU AI Act, EU AI Pact, DORA, etc.); assessment of applicability and translation of requirements into measures, contractual positions, governance artifacts, and business process changes.
    • Ensuring that AI, development, and other tech initiatives or products comply with applicable regulations, governance principles, ISO standards (ISO 27701, ISO 42001), and industry best practices.
    • Coordination and execution of PIAs, DPIAs, TIAs, and AI Impact Assessments, as well as the maintenance and further development of risk registers and matrices.
    • Development and operationalization of negotiation guidelines, data maps, as well as intake and triage mechanisms to enable self-service and automation, thereby reducing ad-hoc escalations.
    • Support and administration of governance systems (Salesforce, Trust Site, TPRM system (Prevalent), and AI CLM); ensuring that client-side content, trust materials, and governance statements are accurate, reliable, and aligned with operational reality.
    • Promotion of new technologies and policies to enforce an ethical, secure, and compliant solution deployment.
    • Support for transformation initiatives in the technology segment, including cross-segment programs; collaboration with external legal advisors, management, and clients.
    • Support and lead initiatives within the scope of the team's Governance, Risk, and Compliance mandate.

    This text has been machine translated. Show original

    Our expectations of you

    Education

    • Bachelor's or Master's degree in a relevant field, e.g., Computer Science, Engineering, Law, or Political Science.

    Qualifications

    • CIPP/E required, as well as at least one of the following certifications: CIPP/US, AIGP, CRP, CRISC, or CRCM.
    • Expertise in global data protection regulations, AI regulations, and security frameworks (e.g., GDPR, CCPA, CPRA, HIPAA, GLBA, NIST, ISO 27701, ISO 42001, etc.) in complex global technology environments.
    • Strong legal expertise and proven ability to translate legal, regulatory, and contractual obligations into work processes and associated policies, including the analysis of cross-border data transfers (Transfer Impact Assessments, Standard Contractual Clauses, and related governance and contractual workflows).
    • High tolerance for ambiguity and the ability to work effectively in a developing environment with structures and processes that are not yet fully defined.
    • Fluent English skills in speaking and writing.

    Experience

    • More than 6 years of experience in data governance, data protection, and/or AI governance, including solid knowledge of IT, information security, and/or operational risk management in cloud and hybrid cloud environments.
    • Experience in negotiating and reviewing commercial contracts with complex data protection provisions, AI clauses, IT and security annexes, cross-border data transfers, and operational service level agreements.
    • Experience in scaling governance programs through designing operating models and measurable reporting metrics (KPIs).

    This text has been machine translated. Show original

    What we offer

    • We invest in you and support you in your professional development.
    • To this end, we have developed a range of programs to promote leadership qualities as well as growth and development opportunities.
    • We support continuous learning and individual skill development through "Learning on the Job," self-directed professional development courses, and certifications.
    • You will receive your own coach who will support you as a mentor and guide you through regular coaching sessions.
    • This coach acts as a promoter of your professional development.
    • For your further career at FTI Consulting, we offer you tailored programs for important career decisions.
    • Our goal is to promote your physical and financial well-being — and that of your family.
    • We offer attractive benefits (including retirement plans), gym training, and family-friendly options.
    • In addition, our offerings include career development, wellness and recognition programs, volunteer initiatives, and flexible or hybrid working arrangements.

    This text has been machine translated. Show original

    Topics that you deal with on the job

    Job Locations

    • Location Frankfurt

      Hessen

      Germany

    This is your employer

    FTI Consulting

    FTI Consulting

    FTI Consulting is a global consulting firm that specializes in solving complex business challenges. With a diverse team of experts across various countries, it offers comprehensive services in corporate finance, forensic consulting, and strategic communications.

    Description

  • Company Type
    Established Company
  • Working Model
    Hybrid, Onsite
  • Industry
    Consulting
  • Logo FTI Consulting

    Director, Privacy Operations & Data Governance

    Location
    Frankfurt
    Working Model
    Hybrid, Onsite
    Diversity
    Open for all genders

    More Jobs