Compliance Risk Analyst - PV W2

Compliance Risk Analyst

Location: Hybrid – Tues and Wed in Marlborough, MA; for locals within 45‑60 miles.

Duration: 12 Months.

Method of Inquiry: Skype.

• 5 – 8 years of governance or risk management type experience.
• Bachelor's degree in a relevant field (e.g., Data/Computer Science, Information Systems, Risk/Compliance) or equivalent experience.
• Experience working with Microsoft Office Suite.
• Working knowledge of AI/ML concepts (data pipelines, model lifecycle, performance monitoring, bias, explainability).
• Experience operationalizing governance processes (intake, control testing, evidence collection, reporting).
• Strong analytical, documentation, and stakeholder communication skills.
• 1 – 2 years of AI experience.
• Familiarity with AI model governance artifacts (model cards, datasheets, risk registers), responsible AI practices (human oversight, safety, transparency), and MLOps.
• Exposure to enterprise platforms supporting governance workflows (e.g., Service Now, SharePoint, Power Automate/Power Apps, Confluence/Jira), data catalog/lineage, and assessment tools.

• Analyze AI use cases and guide them through their lifecycle—Intake, Review, Assessment, Socialization, and Closure.
• Maintain inventories of AI systems, models, datasets, and third‑party AI tools, including risk tiers and approval statuses.

• Highlight risks associated with the use case and help business owners respond to those risks.
• Lead AI risk assessments: assess purpose, model risk, bias, transparency, accuracy, human oversight, etc.

• Run the AI intake process (triage, scoping, routing) in collaboration with Legal, Privacy, Cybersecurity, IT, and Business stakeholders.
• Develop governance templates and artifacts (risk profiles, decision logs, RACI, playbooks, assessment checklists, etc.).

• Produce dashboards and executive reports for leadership, audit, and regulatory inquiries.
• Facilitate periodic reviews of AI systems; coordinate post‑deployment monitoring and incident response workflows.

• Partner with IT, Legal, Privacy, Cybersecurity, and AI Governance Committee to align governance requirements with delivery milestones and identify regulatory considerations.
• Support the organization’s AI literacy program through risk identification and providing business owners guidance on responsible AI practices, policy updates, and process changes.

• Risk Mindset:
  Ensures strong governance without hindering innovation; foresees downstream risks and raises them to the business teams.
• Analytical Thinking:
  Structures complex problems, synthesizes evidence, and recommends actionable controls.
• Stakeholder Influence:
  Facilitates alignment across Legal, Privacy, Cybersecurity, IT, and AI Governance Committee.
• Communication:
  Produces clear, audit‑ready documents and concise executive updates.
• Process Ownership:
  Drives intake, assessment, and monitoring workflows end‑to‑end with strong follow‑through.