AI Governance Associate

About The Position

Requirements

• 2–5 years of experience in regulatory compliance, AI governance, information governance, privacy, cybersecurity, or a related field.
• Foundational understanding of AI governance principles, risk management frameworks, or emerging AI regulatory requirements.
• Familiarity with the NIST AI Risk Management Framework or similar governance frameworks is preferred.
• Experience supporting risk assessments, control implementation, or policy development in a technology or SaaS environment.
• Working knowledge of information lifecycle, classification, or retention practices is a plus.
• Strong analytical skills with the ability to evaluate technical and regulatory risks and clearly document findings.
• Strong organizational and project coordination skills, with the ability to manage multiple concurrent workstreams.
• Effective written and verbal communication skills, with the ability to collaborate across Legal, Security, IT, Product, and business stakeholders.
• Detail-oriented, proactive, and comfortable operating in a fast-evolving regulatory environment.

Nice To Haves

• Experience supporting compliance with global AI laws and technology regulations.
• Familiarity with governance, risk, and compliance platforms.
• Exposure to AI lifecycle concepts or third-party AI due diligence processes.
• Experience supporting audits or regulatory reviews.
• Relevant certifications such as CIPP, CIPM, CRISC, ISO 27001, or AI governance-related credentials are a plus.

Responsibilities

• Support the implementation and continuous improvement of Commvault’s AI governance framework aligned with the NIST AI Risk Management Framework and applicable global AI regulations.
• Assist in conducting risk assessments of AI vendors, AI-enabled tools, and internal AI use cases, including evaluation of data usage, model risk, transparency, bias, security, and regulatory considerations.
• Maintain AI risk registers, inventories, and governance documentation to ensure audit readiness and regulatory compliance.
• Partner with Security, Legal, Privacy, Product, and Business Technology teams to assess AI risks, document mitigation plans, and track remediation activities.
• Support the development, documentation, and monitoring of AI-related controls and safeguards.
• Assist in preparing materials for regulatory inquiries, customer due diligence, and internal or external audits.
• Monitor emerging AI regulatory developments and support updates to policies, standards, and internal practices.
• Contribute to cross-functional governance initiatives that strengthen information lifecycle management, policy awareness, and enterprise compliance.
• Maintain governance documentation, track action items and control effectiveness metrics, and support ongoing program reporting.

Benefits

• Continuous professional development, product training, and career pathing
• An inclusive company culture, opportunity to join our Employee Groups
• Generous benefits supporting your health, financial security, and work-life balance
• Employee stock purchase plan (ESPP)