Moody's is seeking a Director of Risk Management – AI Governance to drive the governance and oversight of AI/ML technologies across the organization, ensuring responsible and safe AI adoption aligned with best practice and enterprise risk standards.
Requirements
- Risk Management Expertise: 7–10+ years of experience in risk management, AI/ML development, audit, or compliance roles, ideally in technology-driven environments.
- AI/ML Technical Depth: Hands-on experience with AI/ML development, including LLMs, RAG architectures, and GenAI risk mitigation strategies.
- Engineering Collaboration: Ability to engage deeply with technical teams, ask probing questions, and embed governance checkpoints into CI/CD pipelines without slowing delivery.
- Governance Frameworks: Familiarity with NIST AI RMF, ISO/IEC 42001, and evolving regulatory landscapes (e.g., EU AI Act).
- Vendor AI Risk Assessment: Ability to understand risks and controls of vendor-provided AI tools and evaluate business use case risk assessments and integration into Moody’s products and process workflows.
- Analytical & Scenario Thinking: Ability to assess nuanced risks for AI integrations beyond basic cybersecurity and data residency concerns.
- Model Lifecycle Governance: Expertise in end-to-end model lifecycle management—development, validation, monitoring, and retirement—aligned with SR 11-7 and internal governance standards.
Responsibilities
- AI Risk Governance Execution: Oversee day-to-day governance of AI/ML risk across multiple business units.
- Risk Assessment: Conduct and document risk assessments covering fairness, bias, explainability, security, and resilience.
- Engineering & Product Partnership: Collaborate with technical teams to embed governance checkpoints into development pipelines.
- Vendor Tool Governance: Assess risks associated with vendor AI tools adopted by the organization, reviewing alignment with internal governance standards.
- Reporting & Metrics: Consolidate Key Risk Indicators (KRIs) and governance metrics for senior leadership, audit, and regulators.
- Thought Leadership: Stay ahead of emerging risks in GenAI, agentic architectures, and evolving regulatory landscapes.
- Translate enterprise AI risk policies into practical procedures, templates, and workflows.
Other
- Bachelor’s degree in Computer Science, Risk Management, Engineering, Information Systems, or a related discipline.
- Preferred certifications: CRISC, CGRC, AIGC, CIPP/US or CIPP/E, ISO/IEC 42001, PMP or equivalent project management certification.
- Exceptional communication and collaboration skills to influence across Legal, Compliance, Cybersecurity, and Product teams.
- Ability to work in a dynamic, development-focused organization.
- Moody’s is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, sex, gender, age, religion or creed, national origin, ancestry, citizenship, marital or familial status, sexual orientation, gender identity, gender expression, genetic information, physical or mental disability, military or veteran status, or any other characteristic protected by law.
