The Head of AI & Compliance will lead the organisation's AI governance, data privacy, compliance and risk management functions. This role is responsible for ensuring the safe, ethical and compliant adoption of AI technologies while maintaining robust privacy, security and governance frameworks across the business.
Key Responsibilities:
AI Governance & Responsible AI:
- Develop and oversee the organisation's AI governance framework, policies and standards, aligned with industry best practices and regulatory requirements.
- Establish governance processes to review, approve and monitor AI initiatives across the business.
- Define and implement controls for AI risk management, including model oversight, fairness, transparency, explainability and ongoing performance monitoring.
- Conduct due diligence and risk assessments of AI platforms, vendors and third‑party providers.
- Maintain an inventory of AI systems and ensure appropriate risk classification and compliance with emerging AI regulations.
Data Privacy & Protection:
- Lead the organisation's data privacy programme, ensuring compliance with UK GDPR, EU GDPR and other relevant data protection regulations.
- Oversee DPIAs, data subject rights requests, breach management, records of processing activities and privacy‑by‑design initiatives.
- Manage cross‑border data transfers and associated compliance requirements.
- Partner with Legal, HR, Technology and Information Security teams to ensure privacy considerations are embedded across business operations.
Compliance, Governance & Assurance:
- Develop and maintain governance documentation, including policies, procedures, standards and operational controls.
- Oversee compliance frameworks, audits and certification programmes, supporting standards such as ISO 27001, ISO 42001 and SOC 2 where applicable.
- Lead audit readiness activities, internal control testing and regulatory responses.
- Manage the organisation's Trust Centre and ensure governance, security and compliance information remains accurate and up to date.
Leadership & Stakeholder Engagement:
- Build, lead and develop a high‑performing compliance and governance function.
- Provide regular reporting and strategic guidance to senior leadership and the Board on AI, privacy and compliance risks.
- Promote a culture of responsible AI, data protection and regulatory awareness through training and engagement programmes.
- Collaborate with cross‑functional teams to embed governance, risk management and compliance into business processes and technology delivery.
Key Requirements:
- 10–15+ years of experience across privacy, governance, compliance, intellectual property (IP), R&D incentives and/or transfer pricing, with a strong leadership track record in complex and regulated environments.
- Proven experience leading AI governance, compliance, privacy or risk functions within a technology‑driven organisation.
- Strong knowledge of AI governance frameworks, data protection regulations and risk management principles.
- Experience implementing governance programmes, audits, certification initiatives and regulatory compliance frameworks.
- Demonstrated ability to influence senior stakeholders and drive governance across multiple business functions.
- Excellent leadership, communication and stakeholder management skills.
- Relevant certifications such as CIPP/E, CIPM, ISO Lead Auditor, ISO 27001, ISO 42001 or AI governance qualifications are desirable.
