AVP Digital Finance & Artificial Intelligence (AI) Risk Management

At Moody's, we unite the brightest minds to turn today’s risks into tomorrow’s opportunities. We do this by striving to create an inclusive environment where everyone feels welcome to be who they are-with the freedom to exchange ideas, think innovatively, and listen to each other and customers in meaningful ways. 

If you are excited about this opportunity but do not meet every single requirement, please apply! You still may be a great fit for this role or other open roles. We are seeking candidates who model our values: invest in every relationship, lead with curiosity, champion diverse perspectives, turn inputs into actions, and uphold trust through integrity. 

Skills and Competencies.

• At least 5 years of experience in governance, risk and control, self-assessment, identifying and evaluating control measures, and compliance with financial services, particularly in AI, digital finance, or technology related areas.
• Broad-based technology, information security and data experience in a financially regulated global company and ideally risk and control experience in Next-Gen Digital Innovation, including but not limited to Generative AI digital finance, Quantum Computing, etc.
• Establishing and maintaining relationships between business and technical stakeholders.

• Evaluating and prioritizing strategic initiatives including but not limited to maturing risk management practices, regulatory compliance e.g. Digital Operational Resiliency Act (DORA), process improvement, remediations while navigating competing stakeholder needs and driving alignment.
• Experience in Open Pages or other GRC tools and broader MS Office suite products. Critical thinker with strong analytical skills to review complex processes.
• Effective communication skills, both verbal and written.
• Ability to work independently with or without direction and/or supervision.
• Demonstrated ability to effectively interface with a diverse, global, and cross-functional team and led large-scale projects.
• Ability to influence cross-functionally and enterprise-wide and assert second line risk responsibility to challenge and influence in a highly consultative and effective manner.
• Ability to prioritize and multitask, flexibility and adaptability in work approach.

Education

• B.S. in a technology discipline (Computer Science, Information Management, Computer Engineering, Cyber Security or equivalent).
• Relevant certification is desirable, e.g., CISSP, CISM, CISA. Working knowledge of Risk Management life cycles based on established frameworks: NIST, COBIT , ISO 27001.

Responsibilities

• Review and Challenge: provide independent review and credible challenge of the Digital Finance and AI risk profile and associated implementation of the ORM framework.
• Governance: actively engage at various committees/forums representing 2^nd LoD Risk and providing subsequent updates on changes to the Digital Finance & AI risk profile.
• Risk and Control Self-Assessments (RCSA): initial challenge to the 1^st LoD RCSA’s in line with the ORM standards including timely completion, challenging risks, controls, and assessments, and supporting escalation/reporting, including at governance committees.
• Issue Management: initial challenge to the identification, documentation, response, and reporting of issues in line with the Issue Management standard, including challenging completeness and accuracy of documented issues, assigned impact ratings and escalation of past due issues, and challenging closure of issues to ensure completed actions can be evidenced and are sufficient.
• Operational Risk Events (ORE’s): initial challenge that the appropriate response, escalation, documentation, and reporting is in line with the ORM framework, including post event root cause analysis to identify lessons learned and required actions to prevent recurrence.
• Key Risk Indicators (KRIs): initial challenge to the development and reporting of KRIs, including establishment of tolerance levels and rationales being provided where KRI’s are out of tolerance or have changed significantly.
• Emerging & Evolving Risks: initial challenge and monitoring of emerging and evolving risks identifying where new risks need to be reported, or current risks are significantly changing.
• Training & Guidance: provide on-going training and guidance to 1st LoD and assist with the creation of training materials as needed.
• Risk Initiatives: provide 2nd LoD participation and initial challenge as part of various initiatives to the design, requirements, and go-live criteria to reduce impact of transformation risk. Relationship Management: respected point of contact and a trusted advisor to stakeholders across the business and support functions in providing ORM coverage for Digital Finance and AI risk.
• Policies, Standards & Procedures: review and credibly challenge adherence by the Digital Finance and AI teams to Policies, Standards and Procedures, as well as adherence to MR ORM framework.
• GRC Use and Reporting: oversee effective and complete use of the GRC tool for all ORM risk activities by the 1st LoD ensuring it is comprehensive, timely and accurate.

About the team

The Digital Finance & AI Risk Management AVP is a key member of the Moody’s Rating (MR) Risk Management team, providing Operational Risk Management (ORM) expertise. The role is responsible for supporting the ORM framework designed to identify, assess, mitigate, and report on operational risks. The successful candidate will serve as part of the second line of defence (2^nd LoD) providing independent review and credible challenge to the effectiveness of digital finance and AI processes and controls. This role will be highly engaged with the businesses and support functions as solutions are developed, implemented, and maintained across the organization and shared service functions. The role is global and supports the SVP Head of Technology, Information Security, and Data Risk Management in executing MR Risk strategy and continuing to further implement and mature the ORM framework.

MR Risk Management team was established in 2020 as the 2^nd LoD risk function across MR, establishing risk policies and providing advice, guidance and challenge to the implementation and on-going adherence to these standards. The MR Risk Management team is a global team acting as a risk management centre of excellence within MR.

Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity or any other characteristic protected by law.

Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.

For more information on the Securities Trading Program, please refer to the STP Quick Reference guide on ComplianceNet

Please note: STP categories are assigned by the hiring teams and are subject to change over the course of an employee’s tenure with Moody’s.