Sr. Director, AI & Technology Risk Governance
Ai Systems Governance
Own and operate the AI Systems Governance Program across the full lifecycle:
- Intake
- Risk assessment
- Approval
- Maintenance
- Retirement
Lead the AIS / Security Governance Team, responsible for executing AI governance activities defined in the AIS Program, including:
- AI Risk Threshold Analysis
- AI system review and risk classification
- Governance recommendations for approval and escalation
Ensure governance is executed as a continuous control function, with ongoing validation, monitoring, and improvement.
Partner with business and AI teams to ensure governance enables responsible AI adoption, not just compliance.
Risk Oversight & Decisioning
Provide executive oversight of AI risk assessments and governance decisions.
- Review and approve low-risk AI systems
- Escalate mid/high-risk systems to CLO and AIS Committee
- Exercise judgment in risk classification ambiguity and escalation decisions
- Ensure appropriate governance for:
- Predictive models impacting underwriting, claims, and pricing
- Customer-facing AI use cases
- AI systems leveraging sensitive or regulated data
Oversee ongoing monitoring and validation of AI Systems, including:
- Model performance
- Drift and bias detection
Ensure AI Systems continue to meet:
- Regulatory expectations
- Ethical and fairness standards
Oversee effectiveness of:
- Cyber security controls (NIST CSF, NYDFS)
- IT general controls and risk register
- Data privacy safeguards (CCPA, IT lens)
Drive readiness for:
- Internal audit and regulatory exams
- External certifications (SOC 2)
Vendor & Third-Party AI Governance
Oversee vendor-wide AI governance across the enterprise and member organizations.
- Ensure execution of:
- Vendor AI detection across the full vendor portfolio
- FactSheet review, validation, and updates
Partner with Vendor Management and member teams to:
- Ensure vendors meet contractual, regulatory, and AI governance requirements
- Support member-specific vendor risk needs
Broader Technology Risk Governance
Establish unified governance across:
- Cyber Security Governance
- Data Privacy (IT lens)
- IT General Controls and risk register
Ensure alignment between AI governance and broader Technology Risk frameworks.
Team Leadership
Build and lead a high-performing governance team.
- Set operating cadence, priorities, and performance expectations
- Foster a service-oriented mindset focused on enabling member organizations