AVP Digital Finance & Artificial Intelligence (AI) Risk Management

at  Moodys

LOCATION(S):

• Moodys Analytics, 3rd floor, West Tower, Eurocenter Business Center, in front of Cenada, Heredia, 40104, CR
  Line Of Business: MIS Risk Management(MIS RISK MGMT)

JOB CATEGORY:

• Engineering & Technology
  Experience Level: Experienced Hire
  At Moody’s, we unite the brightest minds to turn today’s risks into tomorrow’s opportunities. We do this by striving to create an inclusive environment where everyone feels welcome to be who they are-with the freedom to exchange ideas, think innovatively, and listen to each other and customers in meaningful ways.
  If you are excited about this opportunity but do not meet every single requirement, please apply! You still may be a great fit for this role or other open roles. We are seeking candidates who model our values: invest in every relationship, lead with curiosity, champion diverse perspectives, turn inputs into actions, and uphold trust through integrity.

SKILLS AND COMPETENCIES.

• At least 5 years of experience in governance, risk and control, self-assessment, identifying and evaluating control measures, and compliance with financial services, particularly in AI, digital finance, or technology related areas.
• Broad-based technology, information security and data experience in a financially regulated global company and ideally risk and control experience in Next-Gen Digital Innovation, including but not limited to Generative AI digital finance, Quantum Computing, etc.
• Establishing and maintaining relationships between business and technical stakeholders.
• Evaluating and prioritizing strategic initiatives including but not limited to maturing risk management practices, regulatory compliance e.g. Digital Operational Resiliency Act (DORA), process improvement, remediations while navigating competing stakeholder needs and driving alignment.
• Experience in Open Pages or other GRC tools and broader MS Office suite products. Critical thinker with strong analytical skills to review complex processes.
• Effective communication skills, both verbal and written.
• Ability to work independently with or without direction and/or supervision.
• Demonstrated ability to effectively interface with a diverse, global, and cross-functional team and led large-scale projects.
• Ability to influence cross-functionally and enterprise-wide and assert second line risk responsibility to challenge and influence in a highly consultative and effective manner.
• Ability to prioritize and multitask, flexibility and adaptability in work approach.

EDUCATION

• B.S. in a technology discipline (Computer Science, Information Management, Computer Engineering, Cyber Security or equivalent).
• Relevant certification is desirable, e.g., CISSP, CISM, CISA. Working knowledge of Risk Management life cycles based on established frameworks: NIST, COBIT , ISO 27001.

• Review and Challenge: provide independent review and credible challenge of the Digital Finance and AI risk profile and associated implementation of the ORM framework.
• Governance: actively engage at various committees/forums representing 2nd LoD Risk and providing subsequent updates on changes to the Digital Finance & AI risk profile.
• Risk and Control Self-Assessments (RCSA): initial challenge to the 1st LoD RCSA’s in line with the ORM standards including timely completion, challenging risks, controls, and assessments, and supporting escalation/reporting, including at governance committees.
• Issue Management: initial challenge to the identification, documentation, response, and reporting of issues in line with the Issue Management standard, including challenging completeness and accuracy of documented issues, assigned impact ratings and escalation of past due issues, and challenging closure of issues to ensure completed actions can be evidenced and are sufficient.
• Operational Risk Events (ORE’s): initial challenge that the appropriate response, escalation, documentation, and reporting is in line with the ORM framework, including post event root cause analysis to identify lessons learned and required actions to prevent recurrence.
• Key Risk Indicators (KRIs): initial challenge to the development and reporting of KRIs, including establishment of tolerance levels and rationales being provided where KRI’s are out of tolerance or have changed significantly.
• Emerging & Evolving Risks: initial challenge and monitoring of emerging and evolving risks identifying where new risks need to be reported, or current risks are significantly changing.
• Training & Guidance: provide on-going training and guidance to 1st LoD and assist with the creation of training materials as needed.
• Risk Initiatives: provide 2nd LoD participation and initial challenge as part of various initiatives to the design, requirements, and go-live criteria to reduce impact of transformation risk. Relationship Management: respected point of contact and a trusted advisor to stakeholders across the business and support functions in providing ORM coverage for Digital Finance and AI risk.
• Policies, Standards & Procedures: review and credibly challenge adherence by the Digital Finance and AI teams to Policies, Standards and Procedures, as well as adherence to MR ORM framework.
• GRC Use and Reporting: oversee effective and complete use of the GRC tool for all ORM risk activities by the 1st LoD ensuring it is comprehensive, timely and accurate.