Third Party Risk Manager Jobs in Utah (NOW HIRING)

Wilson Sonsini is the premier legal advisor to technology, life sciences, and other growth enterprises worldwide. We represent companies at every stage of development, from entrepreneurial start-ups to multibillion-dollar global corporations, as well as the venture firms, private equity firms, and investment banks that finance and advise them. The firm has approximately 1,100 attorneys in 17 offices: 13 in the U.S., two in China, and two in Europe. Our broad spectrum of practices and entrepreneurial spirit allow exceptional opportunities for professional achievement and career growth.

Wilson Sonsini is looking for a Senior AI Risk Advisor to join the Risk Operations team. The Senior AI Risk Advisor, under the direction of the Manager of Risk Operations, sits at the intersection of cutting-edge AI technology and enterprise risk - a unique opportunity to shape how one of the world's leading law firms harnesses AI responsibly. This role is ideal for someone who is deeply fluent in AI systems and excited to build governance programs that are both rigorous and innovation-enabling. You will own the firm's AI risk function end-to-end: evaluating the latest AI tools and vendors, developing the governance frameworks that guide firm-wide AI adoption, and serving as a trusted advisor to attorneys, technologists, and firm leadership navigating a fast-moving AI landscape.

This position is available as a fully virtual opportunity.

Essential Duties and Responsibilities:

• Lead AI risk assessments across the full model lifecycle - evaluating third-party AI vendors, foundation models, and AI-powered platforms for data privacy risks, model behavior, security posture, and regulatory compliance before and after deployment
• Architect and continuously evolve the firm's AI governance framework - designing policies, standards, and controls that are substantive, practical, and calibrated to actual AI risk rather than checkbox compliance
• Go deep on vendor AI documentation - evaluating model cards, system cards, data processing agreements, and security questionnaires with the technical fluency to identify what matters, ask the right questions, and drive vendors toward meaningful remediation
• Stay ahead of the AI regulatory curve - tracking developments across the EU AI Act, emerging U.S. state AI laws, bar association guidance on AI in legal practice, and frameworks such as the NIST AI RMF and ISO 42001, translating them into actionable firm guidance
• Serve as the firm's internal AI risk expert - partnering with Information Security, IT, General Counsel, and practice group leadership to evaluate novel AI use cases with both technical depth and business judgment, enabling the firm to move fast while managing risk intelligently
• Represent the firm's AI governance posture externally - responding to client inquiries about AI use and positioning the firm as a leader in responsible AI adoption within the legal industry
• Perform related duties as assigned by supervisor
• Maintain compliance with all company policies and procedures

Education and/or Work Experience Requirements:

• Bachelor's degree required
• One year of experience in AI risk, AI governance, information security, or technology risk; hands-on experience working with or evaluating AI/ML systems, LLMs, or AI-enabled products is highly valued
• Relevant certifications such as AIGP are a plus but not a substitute for real AI expertise
• Strong working knowledge of AI and machine learning concepts - including how large language models work, how generative AI systems are built and fine-tuned, common failure modes, and how AI-enabled products are actually deployed in enterprise environments
• Solid grasp of AI risk and governance frameworks (NIST AI RMF, ISO/IEC 42001, EU AI Act) and the ability to apply them practically rather than theoretically - we want someone who knows when a framework helps and when to go beyond it
• Solid understanding of data privacy and confidentiality considerations specific to AI systems, including training data risks, inference risks, and applicable regulations such as GDPR and CCPA
• Experience evaluating AI vendors or conducting third-party technical due diligence, with the ability to read model documentation critically and ask substantive questions that go beyond standard security questionnaires
• Experience in a law firm or professional services environment is a plus; more important is the ability to engage credibly with sophisticated stakeholders and translate complex AI risk concepts into clear, actionable guidance
• Excellent communication skills - able to explain model risk, brief a committee on AI governance, and write policy that people will actually read and follow
• Excellent computer proficiency (MS Office - Word, Excel and Outlook)
• Comfortable working in a fast-moving environment where the AI landscape shifts faster than any governance framework can keep up - able to make sound risk judgments under ambiguity and bring stakeholders along with you
• Self-directed and resourceful - able to build a program from the ground up, prioritize intelligently across competing demands, and drive work to completion without waiting to be told exactly how

The compensation for this position may include a discretionary year-end merit bonus based on performance. We offer a highly competitive salary and benefits package.

Benefits information can be found here. Equal Opportunity Employer (EOE).