AI Governance and Privacy Senior Consultant

AI Governance and Privacy Senior Consultant Strategy, Growth, and Transformation | Enterprise Technology Strategy and Transformation Same job available in 52 locations Position Summary We are seeking an AI Governance and Privacy Specialist who can operationalize responsible AI in real systems—especially agentic AI and LLM-enabled applications. This role blends governance and privacy expertise with enough software development fluency to create developer-ready guidance, implement controls-as-code patterns, and stand up measurable evaluation and monitoring workflows. As a Senior Consultant, you will help clients and internal delivery teams move from AI principles to practices: risk tiering, model and agent inventories, technical guardrails, governance workflows integrated into the SDLC, and evidence artifacts suitable for audits and regulators. Work You'll Do You will lead and deliver AI governance, privacy, and security outcomes across the AI lifecycle, including:

• Designing pragmatic AI governance operating models (intake, risk tiering, approvals, documentation standards, exception handling, and audit readiness) with a focus on GenAI and agentic AI deployments.
• Building and maintaining AI system inventories (models, agents, tools, data sources, integrations), with clear ownership, intended use, risk classification, and change-control expectations.
• Conducting AI risk assessments for privacy, security, model risk, and misuse—including prompt injection, sensitive data exposure, excessive agency, and overreliance—and translating findings into implementable mitigations.
• Establishing technical control guidance for teams building agentic AI solutions: human-in-the-loop patterns, tool access controls, safe retrieval and grounding practices, logging/monitoring, token and data minimization, and incident response playbooks.
• Implementing "governance in the workflow" by integrating governance checkpoints into product and engineering delivery (architecture reviews, release gates, evaluation requirements, documentation automation, and evidence capture).
• Standing up or enhancing evaluation and monitoring approaches for GenAI systems: test plans, safety and quality metrics, red teaming workflows, and reporting dashboards for leaders and risk stakeholders.
• Partnering cross-functionally with Cybersecurity, Privacy, Legal, Risk, Engineering, and Data Science to drive adoption and ensure governance guidance is usable, measurable, and repeatable.

The Team You will join a cross-functional group working at the intersection of cyber, privacy, governance, and emerging AI delivery. The team helps organizations scale AI responsibly by combining governance and engineering patterns so teams can innovate faster without compromising trust. Qualifications Required

• Bachelor's degree or equivalent practical experience.
• 4+ years of experience in one or more of the following: AI governance, data privacy, security risk management, compliance and controls, AI product risk, model risk management, or technology risk consulting.
• Demonstrated experience translating policies and regulatory expectations into operational workflows, artifacts, and controls (e.g., intake processes, inventories, decision logs, risk registers, RACI, playbooks).
• Working knowledge of

AI/ML/LLM

systems and delivery lifecycles sufficient to assess real deployment risks and mitigations (training vs. RAG vs. fine-tuning vs. tool use, data dependencies, integration patterns).

• Software development fluency: ability to collaborate with engineering teams on implementation details; ability to prototype or automate governance workflows in Python/SQL and to understand CI/CD and cloud deployment basics.
• Practical experience with privacy program execution and artifacts (PIAs/DPIAs, vendor reviews, data inventories, data minimization, retention, and access control principles).
• Ability to communicate clearly with both technical and non-technical stakeholders and produce executive-ready reporting.
• Ability to travel 0-50%, on average, based on client and project needs.
• Limited immigration sponsorship may be available. Preferred
• Previous consulting or Big 4 experience.
• Hands-on experience operationalizing AI governance aligned to frameworks such as the NIST AI RMF and/or ISO/IEC 42001, with awareness of risk-based AI regulatory regimes (e.g., EU AI Act).
• Experience with GenAI safety and evaluation practices (prompt injection testing, jailbreak resilience, hallucination measurement, toxicity/harm scoring, grounding effectiveness).
• Familiarity with governance tooling and workflow platforms (e.g., OneTrust, GRC platforms, ticketing/workflow systems) and how to integrate them into engineering delivery.
• Certifications such as

CIPP/US, CIPM, IAPP

AIGP, CISM, or CISSP.

• Prior experience in cyber or enterprise security contexts (data security, identity, audit logging, secure SDLC).
• Experience designing Human-in-the-Loop escalation pathways, exception handling, and automated safety protocols for highly autonomous systems.

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $118,700 - 218,600. You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance. Information for applicants with a need for accommodation: https://www2.deloitte.com/us/en/pages/careers/articles/join-deloitte-assistance-for-disabled-applicants.html Deloitte is committed to providing reasonable accommodations for people with disabilities. If you require a reasonable accommodation to participate in the recruiting process, please direct your inquiries to the Global Call Center (GCC) at USTalentCICInbox@deloitte.com. Recruiting tips From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters. Benefits At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you. Our people and culture Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ways of thinking, ideas, and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work. Our purpose Deloitte's purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Learn more. Professional development From entry-level employees to senior leaders, we believe there's always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career. As used in this posting, "Deloitte" means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Certain services may not be available to attest clients under the rules and regulations of public accounting. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law. Qualified applicants with criminal histories, including arrest or conviction records, will be considered for employment in accordance with the requirements of applicable state and local laws, including the Los Angeles County Fair Chance Ordinance for Employers, City of Los Angeles's Fair Chance Initiative for Hiring Ordinance, San Francisco Fair Chance Ordinance, and the California Fair Chance Act. See notices of various fair chance hiring and ban-the-box laws where available. Fair Chance Hiring and Ban-the-Box Notices | Deloitte US Careers Requisition code: 329391