Sr. Director, AI & Technology Risk Governance
The Mutual Group · Raleigh, NC · 2 mo ago
RemoteRemoteEngineering$180k–$220k/yrFull-time
Accountabilities
- AI Systems Governance Leadership (Primary Focus)
- Own and operate the AI Systems Governance Program across the full lifecycle:
- Intake, risk assessment, approval, monitoring, and retirement
- Lead the AIS / Security Governance Team, responsible for executing AI governance activities defined in the AIS Program, including:
- AI Risk Threshold Analysis
- AI system review and risk classification
- Governance recommendations for approval and escalation
- Ensure governance is executed as a continuous control function, with ongoing validation, monitoring, and improvement
- Partner with business and AI teams to ensure governance enables responsible AI adoption, not just compliance
- Multi-Member Governance Model
- Establish and operationalize a shared AI governance model across multiple member insurance carriers
- Consistent application of: AI policies, standards, and controls
- Risk classification and escalation frameworks
- Partner with member organizations to:
- Understand AI use cases and business objectives
- Align governance with member-specific regulatory and risk requirements
- Support adoption of best practices, playbooks, and controls across members
- Drive consistency in AI inventory, reporting, and monitoring across all members
- Risk Oversight & Decisioning
- Provide executive oversight of AI risk assessments and governance decisions
- Review and approve low-risk AI systems; escalate mid/high-risk systems to CLO and AIS Committee
- Exercise judgment in risk classification ambiguity and escalation decisions
- Ensure appropriate governance for:
- Predictive models impacting underwriting, claims, and pricing
- Customer-facing AI use cases
- AI systems leveraging sensitive or regulated data
- Monitoring, Controls & Assurance
- Oversee ongoing monitoring and validation of AI Systems, including:
- Model performance
- Drift and bias detection
- Ensure AI Systems continue to meet:
- Regulatory expectations
- Ethical and fairness standards
- Oversee effectiveness of:
- Cyber security controls (NIST CSF, NYDFS)
- IT general controls and risk register
- Data privacy safeguards (CCPA, IT lens)
- Drive readiness for:
- Internal audit and regulatory exams
- External certifications (SOC 2)
- Vendor & Third-Party AI Governance
- Oversee vendor-wide AI governance across the enterprise and member organizations
- Ensure execution of:
- Vendor AI detection across the full vendor portfolio
- FactSheet review, validation, and updates
- Partner with Vendor Management and member teams to:
- Ensure vendors meet contractual, regulatory, and AI governance requirements
- Support member-specific vendor risk needs
- Governance, Reporting & Incident Management
- Lead AIS Committee engagement and Board-level reporting
- Provide bi-annual updates on:
- AI risk posture
- Cyber and technology risk posture
- Ensure consistent and transparent reporting across member organizations
- Oversee governance of AI-related incidents and anomalies, including:
- Cross-functional coordination
- Escalation and remediation
- Broad Technology Risk Governance
- Establish unified governance across:
- Cyber Security Governance
- Data Privacy (IT lens)
- IT General Controls and risk register
- Ensure alignment between AI governance and broader Technology Risk frameworks
- Cross-Functional Coordination
- Collaborate closely with technology and business teams across the organization
- Ensure effective coordination with the Architecture Review Board (ARB) where architectural alignment is required
- Team Leadership
- Build and lead a high-performing governance team
- Set operating cadence, priorities, and performance expectations
- Foster a service-oriented mindset focused on enabling member organizations
- 12+ years in technology risk, AI governance, cyber risk, or enterprise risk
- Experience operating in regulated environments (insurance or financial services preferred)
- Experience working in multi-entity / shared services / multi-carrier environments
- Deep understanding of AI Systems governance and model risk
- Strong familiarity with:
- NAIC AI Model Bulletin
- NYDFS Cybersecurity Regulation
- CCPA
- NIST CSF and NIST AI RMF
- SOC 2
- Experience with vendor risk management
- Experience with GRC platforms (e.g., Archer, ServiceNow, OneTrust)
- Strong executive communication, influencing, and leadership skills
Qualifications
Pay Range
Anticipated Hiring Range: $180,000 - $220,000 annual base salary depending on experience, qualifications, and geographic location