Jobs · Information Technology · Tennessee

AI GRC Program Manager

Pillsbury Winthrop Shaw Pittman LLP · Nashville, TN · 1 wk ago
Information Technology$125k–$135k/yrFull-time

Key Responsibilities

  • Lead the day-to-day execution and ongoing maturity of the Firm’s AI governance, risk, and compliance program.
  • Help define and operationalize the Firm’s governance framework for third-party and internal AI tools.
  • Establish clear processes for AI intake, review, approval, documentation, and oversight.
  • Partner with the Director, GRC, and Chief AI Officer to align AI governance priorities with Firm strategy and risk tolerance.

Policy Development & Interpretation

  • Draft, maintain, and interpret AI-related policies, standards, procedures, and governance guidance for the Firm.
  • Translate evolving legal, regulatory, and client expectations into practical internal requirements and operational controls.
  • Provide policy interpretation and guidance to business and technology stakeholders on the appropriate use of AI-enabled tools.
  • Help ensure AI governance documentation remains current, practical, and aligned with the Firm’s broader risk and compliance framework.

Vendor AI Governance

  • Establish and maintain the AI governance framework, review standards, and control expectations used to assess third-party AI vendors.
  • Partner with GRC Analysts responsible for third-party management to integrate AI-specific requirements into the Firm’s vendor review process.
  • Provide consultation on higher-risk, complex, or novel AI vendor reviews, including issues related to data use, model behavior, human oversight, and regulatory exposure.
  • Collaborate with Legal, Privacy, Information Security, Chief AI Office, and business stakeholders to define appropriate governance conditions for approved AI-enabled vendors.
  • Help ensure approved AI vendors are subject to clear usage boundaries, documentation standards, and ongoing governance expectations.

Internal AI Governance

  • Lead governance activities for internal AI systems and AI-enabled workflows used by the Firm.
  • Define requirements related to acceptable use, human oversight, output validation, escalation, transparency, and monitoring.
  • Assess internal AI use cases for alignment with Firm policy, client expectations, and applicable legal and regulatory requirements.
  • Ensure governance expectations are clearly documented for approved internal AI use cases, including risk considerations, controls, and oversight requirements.

Regulatory Compliance & Strategic Guidance

  • Monitor and interpret emerging AI laws, regulations, standards, and client requirements across key jurisdictions, including the U.S., UK, and EU.
  • Advise internal stakeholders on the practical implications of AI-related legal and regulatory developments.
  • Support the Firm’s efforts to maintain a defensible and scalable AI governance posture across jurisdictions.
  • Identify areas where new or revised internal policy, process, or controls may be needed based on changes in the regulatory landscape.

Client-Facing Governance

  • Lead or support responses to client-facing AI questionnaires, outside counsel guidelines, and other AI-related diligence requests.
  • Help ensure the Firm can clearly and consistently articulate its governance approach for AI-related tools and use cases.
  • Coordinate with internal stakeholders to gather, validate, and organize information needed for client and regulatory responses.

Audit Readiness, Controls & Assurance

  • Help design and maintain an auditable AI governance control environment for the Firm.
  • Develop and maintain documentation, evidence, and governance artifacts to support internal audits, client reviews, regulatory inquiries, and potential future external assurance or certification efforts.
  • Lead or support control mapping, gap assessments, remediation tracking, and evidence collection related to AI governance requirements.
  • Partner with cross-functional stakeholders to evaluate the design and effectiveness of AI-related controls and governance processes.
  • Monitor emerging AI assurance frameworks, certification models, and audit expectations to help position the Firm for future external validation if pursued.

Training, Awareness & Cross-Functional Coordination

  • Help develop and deliver training and awareness materials related to responsible AI use.
  • Provide practical, business-oriented guidance to attorneys and business professionals on the appropriate use of AI-enabled tools.
  • Facilitate cross-functional working sessions, governance meetings, and program maturity initiatives.
  • Track and report on key AI governance activities, risks, remediation items, and milestones for leadership.

Required Education, Knowledge & Experience

  • Bachelor's degree in Information Systems, Data Science, or related field preferred.
  • 7+ years of experience in governance, risk, compliance, privacy, information security, technology risk, regulatory compliance, or related discipline.
  • Experience leading or managing cross-functional governance or compliance programs in an enterprise or professional services environment.
  • Familiarity with AI governance concepts and risks, including third-party AI vendors, generative AI tools, and internal AI use cases.
  • Familiarity with AI-related regulatory developments in the U.S., UK, and EU.
  • Experience drafting, interpreting, and implementing policies, standards, procedures, or governance frameworks.
  • Experience supporting audits, assessments, control reviews, or compliance readiness activities.
  • Experience working cross-functionally with Legal, IT, Security, Privacy, and business stakeholders.
  • Strong understanding of confidentiality, data protection, and risk management principles.
  • Ability to translate complex legal, regulatory, or technical issues into clear, business-oriented guidance.
  • Strong organizational skills, sound judgment, and attention to detail.

Preferred Qualifications

  • Experience supporting AI governance, privacy, compliance, or technology risk efforts in a law firm or professional services environment.
  • Experience supporting client-facing questionnaires, outside counsel guidelines, or similar diligence processes.
  • Experience reviewing vendor security documentation, privacy materials, contracts, and product data flows.
  • Knowledge of governance and control frameworks such as ISO 27001, NIST, or related privacy and security standards.
  • Familiarity with emerging AI assurance frameworks, responsible AI control models, or certification approaches.
  • Relevant certifications in compliance, privacy, security, governance, or risk management are a plus.
  • Strong written and verbal communication.
  • Strategic thinking and program leadership.
  • Governance and compliance mindset.
  • Analytical problem-solving.
  • Sound judgment and risk balancing.
  • Policy drafting and interpretation.
  • Ability to manage multiple workstreams simultaneously.
  • Cross-functional collaboration and stakeholder management.

Physical Requirements

  • Ability to sit and stand for extended periods.
  • Ability to lift up to 15 pounds.

Compensation Range

The expected salary range for this position is $125,000 - $135,000. Final compensation will be determined based on several factors, including but not limited to, relevant experience, qualifications, skill set, and geographic location.

Similar jobs

AI/ML Program Manager

KCIUnited States· 3 wk ago
RemoteInformation Technologyapply on careers-kci.icims.com

IT Program Manager - AI

WeyerhaeuserSeattle, WA· 1 mo ago
Information Technology$119k–$179k/yrapply on weyerhaeuser.taleo.net

Manager, AI Program

DP WorldCharlotte, NC· 3 wk ago
Project Managementapply on ehpv.fa.em2.oraclecloud.com