AI Ethics & Compliance Lead

At Virtusa (former ITMAGINATION), the company combines engineering excellence, creativity, and an AI-first mindset to co-create solutions that help businesses grow faster, operate smarter, and improve experiences with technology. The role is based in the Poland delivery center and focuses on responsible, ethical AI/ML solution development aligned with global regulatory standards.

• 6–8 years of professional experience in Governance, Risk, and Compliance (GRC) with focus on AI/ML or regulated digital transformation projects.
• Hands-on expertise implementing NIST AI RMF, OECD AI Principles, ISO/IEC 23894.
• Comprehensive knowledge of GDPR (automated decision-making and profiling), HIPAA (PHI protection), SOC 2 trust service criteria; familiarity with EU AI Act preferred.
• Strong understanding of Large Language Models (LLMs), NLP, classical ML algorithms, model training and deployment.
• Practical knowledge of Explainable AI (XAI) techniques and tools.
• Experience with bias-detection tools and frameworks for model fairness and remediation.
• Experience developing risk registers, control frameworks, and leading DPIA/AIA impact assessments.
• Background in supporting or leading technical audits for enterprise software or AI systems.
• Exceptional communication skills to influence C-suite, legal counsel, and technical leads.
• Ability to translate legal and ethical prose into technical requirements.
• Master’s degree in Law, Computer Science, Philosophy (Tech Ethics), or related field.
• High integrity, analytical rigor, and ability to navigate ambiguous regulatory landscapes.
• Native or C1-level English proficiency.
• Experience working in Agile/Scrum environments using Jira for compliance tracking.

AI Governance & Framework Implementation:

• Define and execute an AI governance strategy aligned with OECD AI Principles, NIST AI Risk Management Framework (RMF), and ISO/IEC 23894.
• Establish clear policies for every stage of the AI lifecycle: design, development, deployment, and continuous monitoring.

Regulatory Compliance & Data Protection:

• Serve as subject matter expert for GDPR, HIPAA, and SOC 2 in the AI context.
• Conduct Data Protection Impact Assessments (DPIA) and AI-specific risk assessments.

AI Risk Management:

• Develop and maintain an AI Risk Register.
• Identify and mitigate risks related to algorithmic bias, performance degradation, and explainability gaps.
• Define risk scoring models guiding deployment decisions.

Responsible AI Practices:

• Establish and lead an AI Ethics Review Board.
• Set standards for Explainable AI (XAI), non-discrimination, and human-in-the-loop oversight.

Audit, Controls & Assurance:

• Design AI controls framework.
• Support internal and external audits including SOC 2 and regulatory inquiries.
• Ensure traceability of AI decisions and documentation of model training and data lineage.

Monitoring & Continuous Compliance:

• Establish KPIs and Key Risk Indicators (KRIs) for AI governance.
• Implement continuous monitoring for bias detection and compliance adherence.

Cross-functional Collaboration:

• Act as liaison between Data Science/Engineering, Legal, and Business stakeholders.
• Translate regulatory requirements into actionable technical controls.