Privacy and AI Governance Senior Associate

Your Journey at Crowe Starts Here:

At Crowe, you can build a meaningful and rewarding career. With real flexibility to balance work with life moments, you're trusted to deliver results and make an impact. We embrace you for who you are, care for your well-being, and nurture your career. Everyone has equitable access to opportunities for career growth and leadership. Over our 80-year history, delivering excellent service through innovation has been a core part of our DNA across our audit, tax, and consulting groups. That's why we continuously invest in innovative ideas, such as AI-enabled insights and technology-powered solutions, to enhance our services. Join us at Crowe and embark on a career where you can help shape the future of our industry.

Job Description:

The Privacy & AI Governance Senior Associate supports Crowe's global privacy program and AI Ethics Subcommittee by providing independent research, analysis, and privacy-by-design expertise. This individual will work closely with the AI Ethics and Privacy Lead to independently operationalize privacy requirements, evaluate AI technologies, support data protection risk assessments, maintain data maps, and support business teams in embedding responsible data practices throughout the product and software lifecycle.
This role is ideal for someone who has strong analytical capabilities, experience with global privacy requirements, and an interest in emerging regulations around artificial intelligence, data governance, privacy, and responsible innovation.
This is a mid-level individual contributor (Senior Associate) role requiring autonomy and independent execution.

Key Responsibilities
1. AI Ethics & Technology Research Support

• Conduct independent, in-depth research on emerging AI technologies, regulatory frameworks (EU AI Act, NIST AI RMF, India DPDP Act, etc.), and industry developments, and prepare monthly industry/privacy/risk/AI updates based on this research.

• Prepare research briefs, risk analyses, and presentations for the AI Ethics Subcommittee.

• Monitor new AI technologies across the market and evaluate associated privacy, security, ethical, bias and fairness risks.

• Assist in drafting internal guidance related to AI ethics, responsible AI principles, and governance best practices.

2. Privacy by Design & Product Advisory

• Support product, engineering, and business teams by advising on privacy-by-design practices throughout the product lifecycle.

• Perform privacy reviews of new software, systems, and tools, especially those involving personal or sensitive personal data and/or AI capabilities.

• Document identified risks and propose practical mitigation strategies.

• Assist with evaluating privacy/security terms in vendor contracts, Data Protection Agreements, and other related artifacts.

• Partner with Legal, InfoSec, IT, and Crowe Studio to ensure alignment with Crowe policies and standards.

• This role performs these assessments independently with limited oversight, consistent with Senior Associate expectations.

3. Data Mapping & Risk Assessments

• Create, maintain, and enhance data flow diagrams and data inventories for various business processes.

• Conduct and document Privacy Impact Assessments (PIAs), Data Protection Impact Assessments (DPIAs), AI Risk Assessments, and transfer impact analyses (TIAs).

• Analyze data lifecycle processes to identify gaps, privacy risks, and areas requiring remediation.

• Assist in monitoring compliance with global data protection regulations (GDPR, CCPA/CPRA, DPDP Act, HIPAA, PCI DSS etc.).

• Demonstrate familiarity with Governance, Risk, and Compliance (GRC) software—preferably ServiceNow GRC or similar platforms—to support workflow management, risk tracking, and documentation within privacy and AI governance processes.

• Work autonomously to deliver assessments and provide recommendations.

4. Operational Privacy & Compliance Support

• Respond to internal inquiries submitted to , providing foundational assessments and escalating to senior SMEs where needed.

• Support internal privacy awareness initiatives, including training materials, intranet updates, and knowledge articles.

• Maintain and organize documentation, including policies, standards, and risk mitigation plans.

• Prepare metrics, dashboards, and reports for privacy program operations and leadership updates.

• Operate with the independent judgment expected at the Senior Associate level.

5. AI & Software Review Support

• Assist with building internal frameworks for AI model documentation (e.g., model cards, data sheets).

• Assist the AI Ethics and Privacy Lead in reviewing new and recurring software requests, including tools involving AI and genAI.

• Analyze risks related to automated decision-making, data retention, model training, third-party APIs, and user access.

• Track review requests, risk decisions, and mitigation actions across the portfolio.

• Support communication of approval/denial rationale to internal requesters.

• Perform these reviews independently for standard-risk requests, escalating high-risk matters.

6. Cross-Functional Collaboration

• Work collaboratively with Legal, InfoSec, Firm IT, Data Governance, and other enabling functions.

• Participate in meetings with business unit leaders as needed.

• Support enterprise-level AI and privacy initiatives, including cross-BU project coordination.

• Serve as the first point of contact in India for Privacy and AI Governance-related inquiries, partnering closely with business units and Firm Risk Management resources "on the ground" to ensure timely guidance, issue resolution, and alignment with global standards.

• Acts as a trusted subject-matter contributor rather than an entry-level support role.

7. Additional Contribution Areas (Optional but Highly Valuable)

• Maintain regulatory watchlists and contribute to policy updates.

• Provide support for audits and evidence collection for compliance reviews.

• Contribute proactively as expected of a Senior Associate.

Minimum Qualifications

• Bachelor's degree in Law, Computer Science, Information Management, Cybersecurity, or a related field.

• 3+ years (Senior Associate level) of experience in global privacy, data protection, or risk/governance roles.

• Certification strongly preferred: AIGP, CIPP/US, CIPP/E, CIPP/A, CIPP/AI, CIPM, or equivalent.

• Strong understanding of global privacy regulations (GDPR, CCPA/CPRA, DPDP Act, etc.).

• Foundational knowledge of AI governance frameworks, ethical AI principles, and AI-related regulatory trends.

• Experience conducting or supporting PIAs, DPIAs, data mapping, and privacy risk assessments.

• Strong analytical, research, and critical-thinking skills.

• Excellent written and verbal communication skills.

• Ability to work independently with limited oversight (required for Senior Associate), prioritize tasks, and manage ambiguity.

Preferred Qualifications

• Experience with privacy tools (OneTrust, TrustArc, Collibra, DataGrail, etc.).

• Exposure to AI/ML systems, data handling workflows, or model evaluation.

• Familiarity with security concepts such as encryption, access management, and secure development.

• Experience reviewing contracts, DPAs, and technical documentation.

Working Relationships
This role works closely with:

• AI Ethics & Privacy Lead (direct manager)

• Chief Compliance and Privacy Officer

• Information Security leadership team

• Legal & General Counsel teams

• Managing Partner for AI

• Client-facing AI partners

• Enabling functions (Finance, Talent Solutions, Operations, Communications, etc.)

Why This Role Matters
This position directly contributes to advancing Crowe's global privacy and AI ethics strategy by:

• Scaling research and governance operations

• Strengthening privacy-by-design across product and technology processes

• Enhancing risk assessment and compliance documentation

• Supporting safe, responsible, and compliant AI adoption across the firm

• Serving as an independently-operating Senior Associate capable of executing complex tasks without continuous supervision

We expect the candidate to uphold Crowe's values of Care, Trust, Courage, and Stewardship. These values define who we are. We expect all of our people to act ethically and with integrity at all times.

Our Benefits:
At Crowe, we know that great people are what makes a great firm. We value our people and offer employees a comprehensive benefits package. Learn more about what working at Crowe can mean for you

How You Can Grow:
We will nurture your talent in an inclusive culture that values diversity. You will have the chance to meet on a consistent basis with your Career Coach that will guide you in your career goals and aspirations. Learn more about where talent can prosper

More about Crowe:

C3 India Delivery Centre LLP formerly known as Crowe Howarth IT Services LLP is a wholly owned subsidiary of Crowe LLP (U.S.A.), a public accounting, consulting and technology firm with offices around the world. Crowe LLP is an independent member firm of Crowe Global, one of the largest global accounting networks in the world. The network consists of more than 200 independent accounting and advisory firms in more than 130 countries around the world.

Crowe does not accept unsolicited candidates, referrals or resumes from any staffing agency, recruiting service, sourcing entity or any other third-party paid service at any time. Any referrals, resumes or candidates submitted to Crowe, or any employee or owner of Crowe without a pre-existing agreement signed by both parties covering the submission will be considered the property of Crowe, and free of charge.