Who We Are
FTI Consulting is the world’s leading expert-driven consulting firm. Over the last 40 years, FTI Consulting experts have served as the trusted advisor to Fortune 500 companies and the world’s leading law and private equity firms when they are facing their greatest opportunities and challenges. Our strong performance and continued success are a direct reflection of the ambition, energy, and commitment of our talented professionals across the globe to make a positive impact for our clients and communities.
At FTI Consulting, you’ll be inspired and empowered to make an impact on headline matters that change history. Working side by side with the world’s leading experts in your field, you’ll be surrounded by an open collaborative culture that embraces diversity, recognition, professional development and most importantly, you.
There’s never been a more exciting time to join FTI Consulting and this is where you will do the most exciting and fulfilling work of your career.
Are you ready to make an impact?
About The Role
The in-house (non-consulting) Director works as a member of our Service Delivery, Privacy, Data Governance and Compliance team within the Technology segment of FTI Consulting. In this operational leadership position, you will foster intergroup relationships while ensuring governance, compliance and best practices. You will influence and drive core data governance and program objectives by leveraging your passion for privacy operations with technical, GRC and legal acumen. You will help lead global privacy operations, delivery and data governance for the Technology segment, working transversally with legal, sales, compliance, professional services, security and data center operations teams to reflect FTI Technology’s commitment to data protection, compliance and viable service delivery throughout the organization.
What You’ll Do
- Review and negotiate both client and vendor agreements accounting for; security, risk, privacy, technical operations, resilience, data governance and compliance in order to enable projects and client engagements.
- Monitor and evaluate changes to applicable privacy, data protection, artificial intelligence, Blockchain, emerging tech. laws, regulations and other applicable industry standards rationalizing requirements, making recommendations and evangelizing change when appropriate.
- Partner with teams and data stewards to coordinate and perform various audits and assessment (PIA, DPIA, TIA, Data Inventories, etc.) as needed to ensure ongoing compliance and appropriate risk management (internal and external).
- Serve as the conduit for the internal business in EMEA regarding data privacy operations, technical operations, best practices and compliant service enablement.
- Work with the other members in the team to transform, optimize and further strengthen processes, policies, technology, posture and scale in order to support future state.
- Lead applicable programs and projects from initial concept through the full project lifecycle embedding key principles such as privacy, AI governance and security by design.
- Partner with internal stakeholders to further expand our privacy operations and governance framework. Document best practices and create content suitable for both internal and external users where needed.
- Collaborate with the Information Security team to provide guidance and raise employee awareness regarding data privacy and security risks and provide relevant training.
- Create and continue to monitor risk matrices.
How You’ll Grow
We are committed to investing and supporting you in your professional development and we have developed a range of programs focused on fostering leadership, growth and development opportunities. We aim to promote continuous learning and individual skills development through on-the-job learning, self-guided professional development courses and certifications. You’ll be assigned a dedicated coach to mentor, guide and support you through regular coaching sessions and serve as an advocate for your professional growth.
As you progress through your career at FTI Consulting, we offer tailored programs for critical professional milestones to ensure you are prepared and empowered to take on your next role.
What You Will Need to Succeed
- Bachelor's degree required. Additional relevant advanced degree(s) (e.g., Solicitor, Juris Doctor, master’s in legal studies) highly preferred.
- 8+ or more years of applicable work experience with at least 5 of those years in information technology, information security and/or operational risk management in the context of enterprise IT systems and specifically, SaaS, IaaS or hybrid cloud environments.
- 1+ years’ experience procuring, navigating, and reviewing commercial agreements involving complex data protection, information technology and security schedules, cross border data transfers and operational service levels.
- Expert knowledge of EMEA and US data privacy and data protection regulations with hands on experience applying these to enterprise information assets and global operational approaches related to data protection.
- Knowledge and continued proactive interest and self-development in regulatory and compliance frameworks such as: Executive orders, NIST, ISO 27001, ISO 27018, ISO 27701, PCI DSS, HIPAA, etc.
- Ability to develop and maintain strong partnerships and influence across organizations at all levels without direct reporting relationships.
- Exceptional communication skills and the ability to translate complex regulatory needs into practical, concise and actionable guidance.
- Confidence and demonstrated experience to make complex decisions at pace in a rapidly evolving environment; ability to diplomatically identify and address noncompliance even if unpopular.
- Adaptable to shifting priorities; manages competing priorities to achieve the most effective result and able to work in dynamic and results driven environment.
- Ability and desire to take initiative, work with autonomy, quickly risk-assess and prioritize based on various factors including overall business value.
Preferred Qualifications:
- At least one CIPP (A, E, or US) is strongly preferred.
- CIPT, CIPM, CRISC, CDPSE and/or other relevant privacy, information governance, security or data governance certification highly desired.
- Demonstrated project management expertise with exposure to Agile.
- Familiarity and ideally, previous experience with at least one major data governance enterprise platform (i.e., One Trust), vendor risk management system and a Contract Lifecycle Management system ( i.e. Ironclad, DocuSign, Conga, Luminance, etc.).
- Experience with Privacy Enhancing Technologies
- 2+ years providing governance in technology environments that leverage machine learning and AI.