About OpenLoop

OpenLoop was co-founded by CEO, Dr. Jon Lensing, and COO, Christian Williams, with the vision to bring care anywhere. Our telehealth support solutions are thoughtfully designed to streamline and simplify go-to-market care delivery for companies offering meaningful virtual support to patients across an expansive array of specialties, in all 50 states.

About The Role

OpenLoop’s mission is to bring care anywhere by powering telehealth solutions at scale. OpenLoop’s GRC team is growing and we are looking for a Data & AI Governance Lead to support our AI and data governance programs. Deploying AI across the business and treating data as a core asset, we are dedicated to showing our customers that we govern responsibly. This role will run the AI governance program day to day, the use-case intake, the risk model, the standard, and the council, and help stand up the data governance program on the same model.

What You'll Do

• Own and operate OpenLoop's AI governance program end-to-end — use-case intake, risk triage and scoring, the AI Use Case Register, issue tracking, and the AI Governance Council review cadence.

• Author and evolve OpenLoop's AI governance standard — the scoring rubric, risk taxonomy, and review framework — keeping it current with evolving AI risk frameworks and the U.S. regulatory landscape, including new federal executive orders and emerging state AI laws.

• Run intake and review to SLA: assess new AI use cases, document risk and regulatory exposure, set conditions of approval, and drive findings to closure.

• Prepare and lead AI Governance Council sessions — agenda, materials, and recommendations — so decisions get made, recorded, and acted on without escalation.

• Help stand up and then run OpenLoop's data governance program on the same model — the Data Governance Council, the data governance standard, the enterprise data classification scheme, and the data ownership and stewardship model.

• Measure adherence to the data governance standard across the operating teams, and report clearly where the organization is and is not meeting it.

• Partner with the teams that operate data day to day — Privacy, Data Security, Data Protection (DLP), Data Platform, and Data Engineering & Analytics — setting the standards they run against and measuring whether they're met.

• Govern the data that feeds AI systems as a priority slice of both programs — provenance, lineage, classification, and quality of training and inference data — so models are built on trustworthy, appropriately handled data.

• Assess AI vendor and model risk in partnership with Third-Party Risk, Security, and Legal — including standalone AI tools and AI features embedded in existing vendors.

• Maintain AI and data governance metrics, dashboards, and reporting. Translate AI and data risk posture into language the leadership team and board can act on.

• Support SOC 2, HITRUST, and HIPAA assurance activities related to AI and data governance controls.

• Use AI to run the program — automate your own governance workflows for intake, scoring, evidence gathering, and reporting, and keep improving them.

• Other duties as assigned.

Who You Are

Required

• 5-7 years experience in GRC (governance, risk and compliance), with at least 2 years hands-on in AI/ML governance or AI risk management.

• Experience with AI and data governance, including oversight of data flows, and third-party risks.

• Experience with workflow automation, bringing specific hands-on experience with agentic tools like Claude Code.

• Experience with AI governance frameworks such as the NIST AI RMF, and the U.S. AI regulatory landscape, including new federal executive orders and emerging state AI laws.

• Experience building or operating an AI use-case intake, risk-scoring, and review process — registers, review boards, or AI governance councils.

• Working knowledge of a data governance operating model — classification, ownership and stewardship, lineage, and quality — ideally aligned to CDMC or DAMA-DMBOK.

• Proven experience standing up and running a data governance program

• Ability to author governance standards and risk taxonomies, and measuring adherence.

• Experience with healthcare data, HIPAA, and PHI handling.

• Strong analytical and writing skills — you can build a rubric, score a use case, and produce executive-ready reporting.

• Experienced with being an autonomous team player, in a lean, fast-moving environment.

Preferred Qualifications

• AIGP (IAPP), ISO/IEC 42001 Lead Implementer, CIPP, CISA, or equivalent certifications.

• CDMC certification or hands-on experience standing up a data governance council, standard, or stewardship program.

• Experience supporting IPO readiness or SOC 2/HITRUST audit cycles.

• Experience governing third-party and embedded AI, and model risk.

• Familiarity with data lineage, classification, and catalog tooling.

Our Company

We have a relatively flat organizational structure here at OpenLoop. Everyone is encouraged to bring ideas to the table and make things happen. This fits in well with our core values of Autonomy, Competence and Belonging, as we want everyone to feel empowered and supported to do their best work.

Sound like a good fit? We’d love to meet you.