Sr. Director, AI & Technology Risk Governance

Overview

Job Description Lead the enterprise AI Systems Governance Program, with core accountability for governing AI Systems across The Mutual Group and its member insurance carriers. This role operates under delegated authority from the CIO to execute the AIS Program and leads the AIS / Security Governance Team, which assumes responsibility for AI governance activities defined in the AIS Program, while the CIO retains final approval authority.

Information Technology

• AI Systems Governance Leadership (Primary Focus) 0;
  Own and operate the AI Systems Governance Program across the full lifecycle:
  Intake, risk assessment, approval, monitoring, and retirement
• Lead the AIS / Security Governance Team, responsible for executing AI governance activities defined in the AIS Program, including: AI Risk Threshold Analysis; AI system review and risk classification;
  Governance recommendations for approval and escalation
• Ensure governance is executed as a continuous control function, with ongoing validation, monitoring, and improvement
• Partner with business and AI teams to ensure governance enables responsible AI adoption, not just compliance

• Establish and operationalize a shared AI governance model across multiple member insurance carriers
• Ensure consistent application of: AI policies, standards, and controls;
  Risk classification and escalation frameworks
• Partner with member organizations to:
  Understand AI use cases and business objectives;
  Align governance with member-specific regulatory and risk requirements;
  Support adoption of best practices, playbooks, and controls across members
• Drive consistency in AI inventory, reporting, and monitoring across all members

• Provide executive oversight of AI risk assessments and governance decisions
• Review and approve low-risk AI systems; escalate mid/high-risk systems to CLO and AIS Committee
• Exercise judgment in risk classification ambiguity and escalation decisions
• Ensure appropriate governance for:
  Predictive models impacting underwriting, claims, and pricing;
  Customer-facing AI use cases; AI systems leveraging sensitive or regulated data

• Oversee ongoing monitoring and validation of AI Systems, including:
  Model performance;
  Drift and bias detection
• Ensure AI Systems continue to meet:
  Regulatory expectations;
  Ethical and fairness standards
• Oversee effectiveness of:
  Cyber security controls (NIST CSF, NYDFS); IT general controls and risk register;
  Data privacy safeguards (CCPA, IT lens)
• Drive readiness for:
  Internal audit and regulatory exams;
  External certifications (SOC
  2)

• Oversee vendor-wide AI governance across the enterprise and member organizations
• Ensure execution of:
  Vendor AI detection across the full vendor portfolio;
  Fact Sheet review, validation, and updates
• Partner with Vendor Management and member teams to:
  Ensure vendors meet contractual, regulatory, and AI governance requirements;
  Support member-specific vendor risk needs

• Lead AIS Committee engagement and Board-level reporting
• Provide bi-annual updates on: AI risk posture;
  Cyber and technology risk posture
• Ensure consistent and transparent reporting across member organizations
• Oversee governance of AI-related incidents and anomalies, including:
  Cross-functional coordination;
  Escalation and remediation

• Establish unified governance across:
  Cyber Security Governance;
  Data Privacy (IT lens); IT General Controls and risk register
• Ensure alignment between AI governance and broader Technology Risk frameworks

• Collaborate closely with technology and business teams across the organization
• Ensure effective coordination with the Architecture Review Board (ARB) where architectural alignment is required

• Build and lead a high-performing governance team
• Set operating cadence, priorities, and performance expectations
• Foster a service-oriented mindset focused on enabling member organizations

• 12+ years in technology risk, AI governance, cyber risk, or enterprise risk
• Experience operating in regulated environments (insurance or financial services preferred)
• Experience working in multi-entity / shared services / multi-carrier environments
• Deep understanding of AI Systems governance and model risk
• Strong familiarity with: NAIC AI Model Bulletin; NYDFS Cybersecurity Regulation; CCPA; NIST CSF and NIST AI RMF; SOC 2
• Experience with vendor risk management
• Experience with GRC platforms (e.g., Archer, Service Now, One Trust)
• Strong executive communication, influencing, and leadership skills

• Anticipated Hiring Range: $180,000 - $220,000 annual base salary depending on experience, qualifications, and geographic location

• Competitive base salary plus incentive plans for eligible team members
• 401(K) retirement plan that includes a company match of up to 6% of your eligible salary
• Free basic…