Director (m/f/d), Privacy Operations & Data Governance

Job Description

Who we are

FTI Consulting, Inc. is the world's leading consultancy for companies in crisis and transformation. We work closely with leading global corporations, renowned law firms, and private equity firms as they face their greatest challenges and opportunities. Together, we deliver results that make a difference. From dispute resolution and crisis management to risk management and performance optimization, our teams respond quickly to dynamic and complex situations.

At FTI Consulting, you'll work side-by-side with leading experts in their respective fields on projects that will shape tomorrow's headlines. From day one, you'll be part of a team driving innovation and progress. With us, you'll work on projects that truly make a difference and leave a lasting impression.

Be yourself! You can expect an open, collaborative company culture where diversity, recognition, and your professional development are the focus.

Are you ready to make a difference?

About the role

In this role, you will work as a Director in our Service Delivery, Privacy, AI Governance & GRC team within the Technology segment. In this operational leadership position (not a consulting role), you will support global data protection operations, third-party risk management, service delivery, and AI governance across the entire Technology segment. This will be done in close collaboration with the Vice President and the teams in Legal, Sales, DPO, Security, Architecture/Engineering, and Data Center Operations to ensure compliance with applicable regulations, laws, and industry standards. This role supports EMEA/APAC-focused governance, contracting, and operational readiness measures and promotes governance and risk management initiatives to ensure that privacy by design, responsible AI, and security remain firmly embedded in scalable operations, negotiations, content, commercial agreements, products, and service delivery.

Your responsibilities

  • Governance, Contracting & Risk Management : Collaborating with cross-functional stakeholders to embed GRC and AI governance provisions into customer, supplier, partner, and other GTM content, including portals, trust materials, DPAs, and LOEs. Developing and maintaining standard positions, playbooks, and reusable governance artifacts. This role requires strong legal and regulatory knowledge but does not function as legal counsel and works closely with internal legal counsel, data protection officers, and security and technical stakeholders on issues requiring legal interpretation or technical control validation. Reviewing and negotiating customer and third-party contracts—including cross-border transfer mechanisms (SCCs, DPFs, impact assessments)—and managing risk exception handling through standardization and exception protocols.
  • Regulatory Monitoring & Compliance : Proactive monitoring of global data protection, cybersecurity, and AI regulations (e.g., GDPR, CCPA, EU AI Act, EU AI Pact, DORA, etc.); assessment of the applicability and translation of requirements into measures, contractual clauses, governance artifacts, and business process changes. Ensuring that AI, development, and other tech initiatives or products comply with applicable regulations, governance principles, ISO standards (ISO 27701, ISO 42001), and industry best practices.
  • Assessments & Program Implementation : Coordination and execution of PIAs, DPIAs, TIAs, and AI Impact Assessments, as well as maintenance and further development of risk registers and matrices. Development and operationalization of negotiation guidelines, data maps, and intake and triage mechanisms to enable self-service and automation and reduce ad-hoc escalations.
  • Technology, Automation & Communication : Support and administration of governance systems (Salesforce, Trust Site, TPRM system (Prevalent) and AI CLM); ensuring that customer-side content, trust materials, and governance statements are accurate, robust, and aligned with operational reality. Promoting new technologies and guidelines to enforce ethical, secure, and compliant solution deployment.
  • Transformation & Leadership : Supporting transformation initiatives in the technology segment, including cross-segment programs; collaborating with external legal advisors, management, and customers. Supporting and leading initiatives within the team's governance, risk, and compliance mandate.

Your development

We invest in you and support your professional development. To this end, we have developed a range of programs to foster leadership skills and provide growth and development opportunities. We support continuous learning and individual skills development through on-the-job learning, self-directed professional development courses, and certifications. You will be assigned a personal coach who will mentor you and guide you through regular coaching sessions. This coach will act as a facilitator of your professional growth. For your future career at FTI Consulting, we offer tailored programs to help you make important career decisions.

Your profile

  • Bachelor's or Master's degree in a relevant field, e.g. computer science, engineering, law or political science.
  • CIPP/E is required, as well as at least one of the following certifications: CIPP/US, AIGP, CRP, CRISC or CRCM.
  • More than 6 years of experience in data governance, data protection and/or AI governance, including in-depth knowledge of IT, information security and/or operational risk management in cloud and hybrid cloud environments.
  • Experience in negotiating and reviewing commercial contracts with complex data protection provisions, AI clauses, IT and security annexes, cross-border data transfers, and operational service level agreements.
  • Expert knowledge of global data protection regulations, AI regulations and security frameworks (e.g. GDPR, CCPA, CPRA, HIPAA, GLBA, NIST, ISO 27701, ISO 42001 etc.) in complex global technology environments.
  • Strong legal knowledge and proven ability to translate legal, regulatory and contractual obligations into work processes and related policies, including the analysis of cross-border data transfers (transfer impact assessments, standard contractual clauses and related governance and contract workflows).
  • Experience in scaling governance programs through the design of operating models and measurable key performance indicators (KPIs).
  • High tolerance for ambiguity and the ability to work effectively in an evolving environment with structures and processes that are not yet fully defined. Fluent English skills, both written and spoken.

Your benefits

Our goal is to promote your physical and financial well-being – and that of your family. We offer attractive benefits (including retirement savings), gym access, and family-friendly options. Our offering also includes career development, wellness, and recognition programs, volunteer opportunities, and flexible or hybrid work arrangements.

Your application

In addition to your CV, please upload your complete certificates (university transcripts and work references), a cover letter, and other relevant documents in the CV/Resume section. We look forward to receiving your complete application documents exclusively via the application portal.

Do you have any questions beforehand?

Your contact: Ann-Kathrin Emser, Phone: +496992037020; Email: Ann-Kathrin.Emser@fticonsulting.com

#LI-AE1

FTI Consulting is committed to equal opportunities as an employer and opposes any discrimination based on ethnicity, skin color, national origin, ancestry, citizenship, protected veteran status, religion, physical or mental disability, gender, sexual orientation, gender identity or expression of gender, age or any other characteristics specifically protected by laws, regulations or decrees.