AI GRC Program Manager

Posted Yesterday
Be an Early Applicant
Nashville, TN, USA
In-Office
125K-135K Annually
Senior level
Legal Tech
The Role
Lead development and execution of the firm's AI governance, risk, and compliance program. Define policies, vendor and internal AI controls, monitor regulatory developments (U.S./UK/EU), support audits and client diligence, and coordinate cross-functional stakeholders to operationalize responsible AI use.
Summary Generated by Built In
Nashville, TennesseeJob Description

The AI Governance, Risk & Compliance Program Manager leads the development and execution of Pillsbury’s AI governance program to support the responsible use of artificial intelligence across the Firm. This role focuses on AI compliance, risk management, policy development, internal governance, vendor oversight, and strategic program coordination to help ensure the Firm’s use of AI aligns with legal, regulatory, client, and business expectations.

This position works closely with GRC, IT, Information Security, Privacy, Legal, Chief AI Office, and business stakeholders to establish practical governance structures for third-party AI tools and internal AI systems, including AI-specific requirements that integrate into the Firm’s broader vendor risk management process. The Program Manager will help define the Firm’s approach to AI risk, interpret evolving requirements, draft and maintain AI-related policies and standards, and support both internal and client-facing governance needs.

KEY RESPONSIBILITIES

AI Governance Program Leadership

  • Lead the day-to-day execution and ongoing maturity of the Firm’s AI governance, risk, and compliance program.
  • Help define and operationalize the Firm’s governance framework for third-party and internal AI tools.
  • Establish clear processes for AI intake, review, approval, documentation, and oversight.
  • Partner with the Director, GRC, and Chief AI Officer to align AI governance priorities with Firm strategy and risk tolerance.

Policy Development & Interpretation

  • Draft, maintain, and interpret AI-related policies, standards, procedures, and governance guidance for the Firm.
  • Translate evolving legal, regulatory, and client expectations into practical internal requirements and operational controls.
  • Provide policy interpretation and guidance to business and technology stakeholders on the appropriate use of AI-enabled tools.
  • Help ensure AI governance documentation remains current, practical, and aligned with the Firm’s broader risk and compliance framework.

Vendor AI Governance

  • Establish and maintain the AI governance framework, review standards, and control expectations used to assess third-party AI vendors.
  • Partner with GRC Analysts responsible for third-party management to integrate AI-specific requirements into the Firm’s vendor review process.
  • Provide consultation on higher-risk, complex, or novel AI vendor reviews, including issues related to data use, model behavior, human oversight, and regulatory exposure.
  • Collaborate with Legal, Privacy, Information Security, Chief AI Office, and business stakeholders to define appropriate governance conditions for approved AI-enabled vendors.
  • Help ensure approved AI vendors are subject to clear usage boundaries, documentation standards, and ongoing governance expectations.
Internal AI Governance
  • Lead governance activities for internal AI systems and AI-enabled workflows used by the Firm.
  • Define requirements related to acceptable use, human oversight, output validation, escalation, transparency, and monitoring.
  • Assess internal AI use cases for alignment with Firm policy, client expectations, and applicable legal and regulatory requirements.
  • Ensure governance expectations are clearly documented for approved internal AI use cases, including risk considerations, controls, and oversight requirements.
Regulatory Compliance & Strategic Guidance
  • Monitor and interpret emerging AI laws, regulations, standards, and client requirements across key jurisdictions, including the U.S., UK, and EU.
  • Advise internal stakeholders on the practical implications of AI-related legal and regulatory developments.
  • Support the Firm’s efforts to maintain a defensible and scalable AI governance posture across jurisdictions.
  • Identify areas where new or revised internal policy, process, or controls may be needed based on changes in the regulatory landscape.
Client-Facing Governance Support
  • Lead or support responses to client-facing AI questionnaires, outside counsel guidelines, and other AI-related diligence requests.
  • Help ensure the Firm can clearly and consistently articulate its governance approach for AI-related tools and use cases.
  • Coordinate with internal stakeholders to gather, validate, and organize information needed for client and regulatory responses.
Audit Readiness, Controls & Assurance
  • Help design and maintain an auditable AI governance control environment for the Firm.
  • Develop and maintain documentation, evidence, and governance artifacts to support internal audits, client reviews, regulatory inquiries, and potential future external assurance or certification efforts.
  • Lead or support control mapping, gap assessments, remediation tracking, and evidence collection related to AI governance requirements.
  • Partner with cross-functional stakeholders to evaluate the design and effectiveness of AI-related controls and governance processes.
  • Monitor emerging AI assurance frameworks, certification models, and audit expectations to help position the Firm for future external validation if pursued.
Training, Awareness & Cross-Functional Coordination
  • Help develop and deliver training and awareness materials related to responsible AI use.
  • Provide practical, business-oriented guidance to attorneys and business professionals on the appropriate use of AI-enabled tools.
  • Facilitate cross-functional working sessions, governance meetings, and program maturity initiatives.
  • Track and report on key AI governance activities, risks, remediation items, and milestones for leadership.

REQUIRED EDUCATION, KNOWLEDGE & EXPERIENCE

  •  Bachelor's degree in Information Systems, Data Science, or related field preferred.
  • 7+ years of experience in governance, risk, compliance, privacy, information security, technology risk, regulatory compliance, or related discipline.
  • Experience leading or managing cross-functional governance or compliance programs in an enterprise or professional services environment.
  • Familiarity with AI governance concepts and risks, including third-party AI vendors, generative AI tools, and internal AI use cases.
  • Familiarity with AI-related regulatory developments in the U.S., UK, and EU.
  • Experience drafting, interpreting, and implementing policies, standards, procedures, or governance frameworks.
  • Experience supporting audits, assessments, control reviews, or compliance readiness activities.
  • Experience working cross-functionally with Legal, IT, Security, Privacy, and business stakeholders.
  • Strong understanding of confidentiality, data protection, and risk management principles.
  • Ability to translate complex legal, regulatory, or technical issues into clear, business-oriented guidance.
  • Strong organizational skills, sound judgment, and attention to detail.

PREFERRED QUALIFICATIONS

  • Experience supporting AI governance, privacy, compliance, or technology risk efforts in a law firm or professional services environment.
  • Experience supporting client-facing questionnaires, outside counsel guidelines, or similar diligence processes.
  • Experience reviewing vendor security documentation, privacy materials, contracts, and product data flows.
  • Knowledge of governance and control frameworks such as ISO 27001, NIST, or related privacy and security standards.
  • Familiarity with emerging AI assurance frameworks, responsible AI control models, or certification approaches.
  • Relevant certifications in compliance, privacy, security, governance, or risk management are a plus.
  • Strong written and verbal communication
  • Strategic thinking and program leadership
  • Governance and compliance mindset
  • Analytical problem-solving
  • Sound judgment and risk balancing
  • Policy drafting and interpretation
  • Ability to manage multiple workstreams simultaneously
  • Cross-functional collaboration and stakeholder management

PHYSICAL REQUIREMENTS

  • Ability to sit and stand for extended periods.
  • Ability to lift up to 15 pounds.

The expected salary range for this position is $125,000 - $135,000.  Final compensation will be determined based on several factors, including but not limited to, relevant experience, qualifications, skill set, and geographic location.

Pillsbury Winthrop Shaw Pittman LLP is an Equal Opportunity Employer.

If you require an accommodation in order to apply for a position, please contact us at [email protected].

Skills Required

  • 7+ years in governance, risk, compliance, privacy, information security, technology risk, regulatory compliance, or related discipline
  • Experience leading or managing cross-functional governance or compliance programs in an enterprise or professional services environment
  • Familiarity with AI governance concepts and risks, including third-party AI vendors, generative AI tools, and internal AI use cases
  • Familiarity with AI-related regulatory developments in the U.S., UK, and EU
  • Experience drafting, interpreting, and implementing policies, standards, procedures, or governance frameworks
  • Experience supporting audits, assessments, control reviews, or compliance readiness activities
  • Experience working cross-functionally with Legal, IT, Information Security, Privacy, and business stakeholders
  • Strong understanding of confidentiality, data protection, and risk management principles
  • Ability to translate complex legal, regulatory, or technical issues into clear, business-oriented guidance
  • Strong organizational skills, sound judgment, and attention to detail
  • Bachelor's degree in Information Systems, Data Science, or related field
  • Experience supporting AI governance, privacy, compliance, or technology risk efforts in a law firm or professional services environment
  • Experience supporting client-facing questionnaires, outside counsel guidelines, or similar diligence processes
  • Experience reviewing vendor security documentation, privacy materials, contracts, and product data flows
  • Knowledge of governance and control frameworks such as ISO 27001 or NIST
  • Familiarity with emerging AI assurance frameworks, responsible AI control models, or certification approaches
  • Relevant certifications in compliance, privacy, security, governance, or risk management
  • Ability to sit and stand for extended periods and lift up to 15 pounds
Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: New York, NY
1,896 Employees

What We Do

Pillsbury Winthrop Shaw Pittman LLP is an international law firm with a particular focus on the technology & media, energy, financial services, and real estate & construction sectors. Recognized by legal research firm BTI Consulting as one of the top 20 firms for client service, Pillsbury and its lawyers are highly regarded for their forward-thinking approach, their enthusiasm for collaborating across disciplines and their authoritative commercial awareness. To learn more, visit pillsburylaw.com. To join the Pillsbury Network LinkedIn group for current and alumni attorneys and staff, go to http://www.linkedin.com/groups?gid=1043837 Comment policy for this page: We reserve the right to remove any post that we deem offensive, inappropriate, or irrelevant to the purpose of this site.

Similar Jobs

BAE Systems, Inc. Logo BAE Systems, Inc.

Principal Systems Engineer

Aerospace • Hardware • Information Technology • Security • Software • Cybersecurity • Defense
Hybrid
Kingsport, TN, USA
40000 Employees
97K-164K Annually

BAE Systems, Inc. Logo BAE Systems, Inc.

Process Engineer

Aerospace • Hardware • Information Technology • Security • Software • Cybersecurity • Defense
Hybrid
Kingsport, TN, USA
40000 Employees
97K-164K Annually

BAE Systems, Inc. Logo BAE Systems, Inc.

Project Engineer

Aerospace • Hardware • Information Technology • Security • Software • Cybersecurity • Defense
Hybrid
Kingsport, TN, USA
40000 Employees
109K-185K Annually

Cloudflare Logo Cloudflare

Director, Enterprise Sales (AI & Digital Natives)

Cloud • Information Technology • Security • Software • Cybersecurity
Remote or Hybrid
2 Locations
4400 Employees
415K-496K Annually

Similar Companies Hiring

Eve Thumbnail
Legal Tech • Software • Generative AI
San Mateo, CA
180 Employees
GC AI Thumbnail
Artificial Intelligence • Legal Tech
San Mateo, California
100 Employees
Legora Thumbnail
Artificial Intelligence • Legal Tech • Software
Chicago, Illinois
700 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account