AI Trust & Governance Consultant

Zartis is a global AI transformation and technology consulting partner where talented engineers and technologists work on cutting edge innovation. We partner with ambitious organizations to design, build, and scale technology solutions that deliver real impact.

We are powered by world-class experts in AI, APIs, and cloud-native engineering. Our mission is to facilitate a high-performance ecosystem where these teams can thrive, moving from strategy through to full product delivery.

Spanning EMEA and LATAM, Zartis offers a global stage for impactful work in life sciences, energy, and finance. We are dedicated to nurturing a professional community where every individual can see their business impact and experience genuine career acceleration alongside the best minds in the industry.

We are looking for an AI Trust & Governance Consultant to join our Operations team.

Our teammates are talented people that come from a variety of backgrounds. We’re committed to building an inclusive culture based on trust and innovation

You will be part of a distributed team responsible for analysing, recommending and guiding the implementation of our AI trust framework.

We are looking for someone not just to check boxes, but ensure our AI deployment is ethical, transparent, and compliant, while also acting as a strategic advisor to our customers. You will translate complex requirements like the EU AI Act into actionable internal policies and prepare the company for an ISO 42001 certification, while simultaneously helping our clients navigate their own AI governance journeys.

• →Serve as a subject matter expert for clients through dedicated consulting engagements, conducting billable AI Readiness Assessments and building custom AI Risk Management Frameworks tailored to their operational context.
• →Translate high-level regulations (such as the EU AI Act) into practical, actionable guidance for clients navigating AI governance requirements.
• →Build out an ISO 42001 (AIMS) framework leveraging our existing ISO 27001 certification, ensuring AI-specific controls are seamlessly integrated into our broader Information Security Management System.
• →Align AI risk management workflows with established ISO 27001 risk treatment plans, addressing data privacy, security, and AI-specific risks such as algorithmic bias and hallucinations in a unified approach.
• →Lead internal audits spanning the intersection of information security and AI governance, meeting documentation requirements across both standards without duplicating effort.
• →Map ISO 42001 controls against existing ISO 27001 controls to identify synergies, close compliance gaps, and elevate Data Governance as a cornerstone of AI accountability.
• →Champion data quality and system transparency by institutionalising rigorous standards for dataset lineage, provenance, and documentation, ensuring models are built on ethical data sourcing and interpretable architectures.
• →Collaborate with engineering teams to embed security and governance principles directly into the design and development of AI systems, ensuring compliance is built in from the start.
• →Partner with Sales and Tech teams to demonstrate how our ISO 42001 and ISO 27001 alignment positions us as a trusted provider, supporting high-value deal progression.

• →Client-facing consulting experience, including delivering AI Readiness Assessments and strategic gap analyses, translating complex regulatory frameworks into actionable business roadmaps, and influencing stakeholders from C-suite to technical engineering teams.
• →Proven risk management expertise in technology or data-driven environments, with a track record of identifying, assessing, and mitigating risks effectively.
• →Policy writing and compliance auditing skills, with demonstrable experience producing enforceable policies and conducting rigorous audits that drive measurable improvements.
• →Deep familiarity with ISO/IEC 42001, including the operational lifecycle of AI models — from translating high-level controls into real-world monitoring and incident handling, to maintaining continuous compliance evidence well beyond initial implementation.
• →Strong working knowledge of the EU AI Act, including its classification tiers, provider obligations, and transparency requirements.
• →Exceptional communication skills — the ability to explain the "why" behind a control to a developer and the "how" of a system to a regulator, navigating the tension between speed and compliance rather than simply enforcing rules.