About the Role
The AI Governance Lead will take ownership of designing, operationalizing, and leading Raisin’s enterprise-wide AI Governance program. Drawing on industry best practices, this individual will establish the frameworks, policies, and risk-management boundaries that guarantee our internal models, Generative AI tools, and third-party AI integrations are ethical, secure, and fully compliant with emerging regulations like the EU AI Act and GDPR.
Your Responsibilities
- AI Governance Framework: Develop, implement, and maintain enterprise-wide AI policies, standards, and operating procedures that guide the responsible development, procurement, and deployment of AI systems.
- ISO 42001 Alignment: Align the internal AI governance processes and controls with structural guidelines from the ISO/IEC 42001 standard, applying its principles pragmatically to build a mature framework.
- AI Inventory & Lifecycle Management: Establish and maintain a centralized AI Use Case Registry. Track all internal and third-party AI/ML models across the organization to ensure full visibility and accountability throughout their lifecycle.
- Risk & Impact Assessments: Coordinate collaboration between the 1st and 2nd Lines of Defense, particularly regarding risk analyses, go-lives, and the implementation of control mechanisms within the framework of AI governance.
- Third-Party AI Due Diligence: Conduct strict risk evaluations on external AI vendor tools, Copilot extensions, and SaaS platforms embedding GenAI features before they are integrated into Raisin’s environment.
- Regulatory Compliance & Monitoring: Act as the internal subject matter expert on AI regulations. Translate the requirements of the EU AI Act, GDPR, and BaFin guidelines into actionable technical and procedural controls.
- Cross-Functional Orchestration: Advise senior management on ethical and regulatory matters; support and coordinate audits and assessments of compliance with ethical and regulatory standards, thereby contributing to sustainable and secure AI adoption.
Your Profile
- Overall Experience: 2+ years in a structured Governance, Risk, Compliance (GRC), Data Privacy, or Technology Risk role within the financial services, fintech, or tech sectors.
- Domain Specifics: 2+ years of hands-on experience establishing or managing AI, Machine Learning, or complex Data Governance operational frameworks.
- Regulatory Knowledge: Deep understanding of European privacy and technology laws, specifically GDPR (regarding automated decision-making) and the EU AI Act.
- Framework Familiarity: Strong awareness of industry standards for risk and AI governance (such as NIST AI RMF or ISO 42001).
- Technical Acumen: Solid conceptual understanding of AI/ML technologies (Generative AI, LLMs, predictive modeling) and their associated risks (data lineage, prompt injection, model drift, bias). Coding is not required, but a strong architectural understanding is.
- Pragmatic & Business-Oriented: Avoids a rigid "department of no" mentality; focuses on how to safely enable AI adoption and achieve business goals through appropriate guardrails.
- Stakeholder Management: Exceptional communication skills with the ability to translate complex AI risks into clear business terms for the executive board and technical teams alike.
- Urgency/Availability: Candidates available for an immediate or short-notice start date are highly prioritized.
- Languages: Fluent in English; proficiency in German is a strong plus for regulatory matters.