Jobs · Information Technology · California

Data Governance Lead

Reflection · San Francisco, CA · 3 wk ago
On-siteInformation TechnologyFull-time

About the role

Own dataset provenance, training-data summaries, DPIAs, and the privacy and compliance posture of Reflection AI's training and evaluation data — so that every model we ship has auditable, regulator-grade evidence of its data lineage, licensing, privacy posture, and risk mitigations.

Responsibilities

  • Produce audit-ready data provenance records and training-data summaries for every production model — documenting origin, transformations, labeler provenance, and data quality so we can satisfy auditors, enterprise customers, and regulators on demand.
  • Own Data Protection Impact Assessments (DPIAs) end-to-end: drive them to completion with Legal, and publish DPIA outputs alongside model documentation to meet EU AI Act and GDPR expectations.
  • Enforce prohibited-source and license controls at data intake — preventing risky or non-compliant data from ever reaching a training run — and maintain a verified provenance and approval log for all vendor datasets.
  • Keep the company DSAR-ready by producing lineage reports that map model outputs back to source data and subject controls, enabling timely and accurate responses to data subject requests.
  • Assemble and maintain defensible evidence bundles — data manifests, DPIAs, consent and license records — into the enterprise evidence store so that audits and customer security reviews are straightforward and fast.
  • Log data findings in the risk register, drive remediation with the relevant owners, and report residual risk to governance forums and senior leadership on a regular cadence.
  • Partner with Research, Engineering, Legal, and Security to establish data ownership structures, access controls, and stewardship practices across all training, evaluation, and internal data assets.
  • Champion a culture of data literacy and responsible data use — building runbooks, intake checklists, and guidelines that help teams make confident, compliant decisions without bottlenecking on you.

Requirements

  • 5+ years in data governance, data privacy, or a closely related discipline — with meaningful experience at a technology company handling large-scale or sensitive datasets.
  • Hands-on experience conducting and owning DPIAs, privacy assessments, and data protection documentation — ideally in a context where these were reviewed by external auditors or regulators.
  • Deep working knowledge of GDPR, CCPA/CPRA, and the EU AI Act — and the ability to translate regulatory requirements into concrete, operationalizable policies and controls.
  • Experience with training data provenance, dataset licensing, and consent management in an ML or AI context — you understand why labeler provenance and data lineage matter for model accountability, not just compliance.
  • Familiarity with compliance-as-code approaches: you've worked with or built automated data validation gates, policy-enforcement pipelines, or pre-deployment checks tied to data quality and compliance metadata.
  • Technical fluency with cloud data infrastructure (AWS, GCP, or Azure), data warehouses (BigQuery, Snowflake), and data cataloging or lineage tools — enough to design controls and engage credibly with engineering teams.
  • Experience building and maintaining risk registers, evidence stores, and audit documentation — you know what "regulator-grade" evidence looks like in practice.
  • Demonstrated ability to drive cross-functional alignment across Legal, Security, Research, and Engineering, including influencing without formal authority in a fast-moving environment.
  • A builder's mindset: you're energized by 0→1 work, comfortable creating structure where little exists, and pragmatic enough to ship imperfect-but-useful processes on the way to ideal ones.

Qualifications

  • Relevant certifications (CDMP, CIPP/E, or similar) are a plus — but track record and demonstrated impact matter more than credentials.

Skills

  • Data Governance
  • Data Privacy
  • Data Protection Impact Assessments (DPIAs)
  • GDPR, CCPA/CPRA, EU AI Act
  • Data Provenance
  • Dataset Licensing
  • Consent Management
  • Compliance-as-Code
  • Cloud Data Infrastructure
  • Data Warehouses
  • Data Cataloging
  • Data Lineage Tools
  • Risk Registers
  • Evidence Stores
  • Audit Documentation
  • Collaboration Across Teams
  • Builder's Mindset

Benefits

  • Top-tier compensation
  • Stock options
  • Health & wellness benefits
  • Meals provided in the office daily
  • Paid parental leave
  • Unlimited paid time off in the U.S. and 30 days in the U.K.
  • Sponsorship support
  • Team building activities

Pay

Salary and equity structured to recognize and retain our talent globally.

Schedule

Not specified.

Similar jobs

Data Governance Lead

MACHINE LEARNING TECHNOLOGIES LLCDallas, TX· 3 wk ago
Information Technologyapply on machinele.com

Data Governance Lead

FintechTampa, FL· 2 wk ago
Information Technologyapply on recruiting.ultipro.com

Data Governance Lead

Woodward, Inc.Fort Collins, CO· 3 wk ago
Information Technology$95k/yrapply on woodward.wd5.myworkdayjobs.com

Data Governance Lead

Booz Allen HamiltonMcLean, VA· 5 days ago
Management$99k–$225k/yrapply on careers.boozallen.com

Data Governance Lead

Tata Consultancy ServicesAtlanta, GA· 5 days ago
Information Technologyapply on ibegin.tcsapps.com

Data Governance Lead

Westfield InsuranceWestfield Center, OH· 6 days ago
Management$10/hrapply on fa-exdv-saasfaprod1.fa.ocs.oraclecloud.com