Cyber AI Governance and Privacy Senior Consultant

Strategy, Growth, and Transformation | Enterprise Technology Strategy and Transformation

Same job available in 52 locations

Arlington/Rosslyn, Virginia, United States

Atlanta, Georgia, United States

Austin, Texas, United States

Baltimore, Maryland, United States

Boca Raton, Florida, United States

Boston, Massachusetts, United States

Charlotte, North Carolina, United States

Chicago, Illinois, United States

Cincinnati, Ohio, United States

Cleveland, Ohio, United States

Colorado Springs, Colorado, United States

Columbus, Ohio, United States

Costa Mesa, California, United States

Dallas, Texas, United States

Davenport, Iowa, United States

Dayton, Ohio, United States

Denver, Colorado, United States

Detroit, Michigan, United States

Gilbert, Arizona, United States

Hartford, Connecticut, United States

Hermitage, Tennessee, United States

Houston, Texas, United States

Indianapolis, Indiana, United States

Jacksonville, Florida, United States

Jericho, New York, United States

Jersey City, New Jersey, United States

Kansas City, Missouri, United States

Lake Mary, Florida, United States

Las Vegas, Nevada, United States

Los Angeles, California, United States

Louisville, Kentucky, United States

McLean, Virginia, United States

Mechanicsburg, Pennsylvania, United States

Memphis, Tennessee, United States

Miami, Florida, United States

Milwaukee, Wisconsin, United States

Minneapolis, Minnesota, United States

Morristown, New Jersey, United States

Nashville, Tennessee, United States

New Orleans, Louisiana, United States

New York, New York, United States

Philadelphia, Pennsylvania, United States

Pittsburgh, Pennsylvania, United States

Portland, Oregon, United States

Princeton, New Jersey, United States

Raleigh, North Carolina, United States

Richmond, Virginia, United States

Rochester, New York, United States

San Antonio, Texas, United States

San Francisco, California, United States

Seattle, Washington, United States

Stamford, Connecticut, United States

Position Summary

We are seeking an AI Governance and Privacy Specialist who can operationalize responsible AI in real systems—especially agentic AI and LLM-enabled applications. This role blends governance and privacy expertise with enough software development fluency to create developer-ready guidance, implement controls-as-code patterns, and stand up measurable evaluation and monitoring workflows.

As a Senior Consultant, you will help clients and internal delivery teams move from AI principles to practices: risk tiering, model and agent inventories, technical guardrails, governance workflows integrated into the SDLC, and evidence artifacts suitable for audits and regulators.

Recruiting for this role ends on 5/31/2026.

Work You’ll Do

You will lead and deliver AI governance, privacy, and security outcomes across the AI lifecycle, including:

Designing pragmatic AI governance operating models (intake, risk tiering, approvals, documentation standards, exception handling, and audit readiness) with a focus on GenAI and agentic AI deployments.
Building and maintaining AI system inventories (models, agents, tools, data sources, integrations), with clear ownership, intended use, risk classification, and change-control expectations.
Conducting AI risk assessments for privacy, security, model risk, and misuse—including prompt injection, sensitive data exposure, excessive agency, and overreliance—and translating findings into implementable mitigations.
Establishing technical control guidance for teams building agentic AI solutions: human-in-the-loop patterns, tool access controls, safe retrieval and grounding practices, logging/monitoring, token and data minimization, and incident response playbooks.
Implementing “governance in the workflow” by integrating governance checkpoints into product and engineering delivery (architecture reviews, release gates, evaluation requirements, documentation automation, and evidence capture).
Standing up or enhancing evaluation and monitoring approaches for GenAI systems: test plans, safety and quality metrics, red teaming workflows, and reporting dashboards for leaders and risk stakeholders.
Partnering cross-functionally with Cybersecurity, Privacy, Legal, Risk, Engineering, and Data Science to drive adoption and ensure governance guidance is usable, measurable, and repeatable.

The Team

You will join a cross-functional group working at the intersection of cyber, privacy, governance, and emerging AI delivery. The team helps organizations scale AI responsibly by combining governance and engineering patterns so teams can innovate faster without compromising trust.

Qualifications

Required

Bachelor’s degree or equivalent practical experience.
4+ years of experience in one or more of the following: AI governance, data privacy, security risk management, compliance and controls, AI product risk, model risk management, or technology risk consulting.
Demonstrated experience translating policies and regulatory expectations into operational workflows, artifacts, and controls (e.g., intake processes, inventories, decision logs, risk registers, RACI, playbooks).
Working knowledge of AI/ML/LLM systems and delivery lifecycles sufficient to assess real deployment risks and mitigations (training vs. RAG vs. fine-tuning vs. tool use, data dependencies, integration patterns).
Software development fluency: ability to collaborate with engineering teams on implementation details; ability to prototype or automate governance workflows in Python/SQL and to understand CI/CD and cloud deployment basics.
Practical experience with privacy program execution and artifacts (PIAs/DPIAs, vendor reviews, data inventories, data minimization, retention, and access control principles).
Ability to communicate clearly with both technical and non-technical stakeholders and produce executive-ready reporting.
Ability to travel 0–50%, on average, based on client and project needs.
Limited immigration sponsorship may be available.

Preferred

Previous consulting or Big 4 experience.
Hands-on experience operationalizing AI governance aligned to frameworks such as the NIST AI RMF and/or ISO/IEC 42001, with awareness of risk-based AI regulatory regimes (e.g., EU AI Act).
Experience with GenAI safety and evaluation practices (prompt injection testing, jailbreak resilience, hallucination measurement, toxicity/harm scoring, grounding effectiveness).
Familiarity with governance tooling and workflow platforms (e.g., OneTrust, GRC platforms, ticketing/workflow systems) and how to integrate them into engineering delivery.
Certifications such as CIPP/US, CIPM, IAPP AIGP, CISM, or CISSP.
Prior experience in cyber or enterprise security contexts (data security, identity, audit logging, secure SDLC).
Experience designing Human-in-the-Loop escalation pathways, exception handling, and automated safety protocols for highly autonomous systems.

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $118,700 - 218,600.

You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.

Deloitte is committed to providing reasonable accommodations for people with disabilities. If you require a reasonable accommodation to participate in the recruiting process, please direct your inquiries to the Global Call Center (GCC) at USTalentCICInbox@deloitte.com.

**Recruiting tips**

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.

**Benefits**

At Deloitte, we know that great people make a great organization. We value our people and offer employees a broad range of benefits. Learn more about what working at Deloitte can mean for you.

**Our people and culture**

Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ways of thinking, ideas, and perspectives, and bring more creativity and innovation to help solve our clients' most complex challenges. This makes Deloitte one of the most rewarding places to work.

Our purpose

Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Learn more.

**Professional development**

From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.

As used in this posting, "Deloitte" means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see [www.deloitte.com/us/about](http://www.deloitte.com/us/about) for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Qualified applicants with criminal histories, including arrest or conviction records, will be considered for employment in accordance with the requirements of applicable state and local laws, including the Los Angeles County Fair Chance Ordinance for Employers, City of Los Angeles’s Fair Chance Initiative for Hiring Ordinance, San Francisco Fair Chance Ordinance, and the California Fair Chance Act. See notices of various fair chance hiring and ban-the-box laws where available. **Fair Chance Hiring and Ban-the-Box Notices | Deloitte US Careers**

Requisition code: 329391

Job ID 329391