VP-Digital Finance & Artificial Intelligence (AI) Risk Management

At Moody's, we unite the brightest minds to turn today’s risks into tomorrow’s opportunities. We do this by striving to create an inclusive environment where everyone feels welcome to be who they are—with the freedom to exchange ideas, think innovatively, and listen to each other and customers in meaningful ways. 

If you are excited about this opportunity but do not meet every single requirement, please apply! You still may be a great fit for this role or other open roles. We are seeking candidates who model our values: invest in every relationship, lead with curiosity, champion diverse perspectives, turn inputs into actions, and uphold trust through integrity. 

Skills and Competencies

• 10+ years of experience in risk management, digital economy, AI/ML, and blockchain, with a related concentration in Technology governance, risk and control self-assessment (RCSA), identifying and evaluating control measures, and compliance with financial services.
• Deep expertise in AI model lifecycle governance (validation, transparency, explainability) combined with a track record of assessing and managing risk appetite in emerging technology domains, and practical experience with DeFi and blockchain operational risk.
• Broad-based technology experience at substantial scale and complexity in a global, highly regulated environment.
• Establishing and maintaining relationships between business and technical stakeholders.
• Evaluating and prioritizing strategic initiatives, balancing the needs of different stakeholders, and driving alignment.
• Clear Thinker with strong analytical skills to review complex processes.
• Effective communication skills, both verbal and written.
• Ability to work independently with or without direction and/or supervision.
• Demonstrated ability to effectively interface with a diverse, global, and cross-functional team and led large-scale projects.
• Ability to influence cross-functionally and enterprise-wide and assert second line risk responsibility to challenge and influence in a highly consultative and effective manner.
• Ability to prioritize and multitask, flexibility and adaptability in work approach.

Education / Certifications

• B.S. in a technology discipline (Computer Science, Information Management, Computer Engineering, Cyber Security or equivalent).
• Relevant certification is desirable, e.g., CISSP, CISM, CISA. Working knowledge of Risk Management life cycles based on established frameworks: NIST, COBIT, ORX, ISO 27001.
• Experience in Open Pages or other GRC tools and broader MS Office suite products.

Responsibilities

The Digital Economy and AI Risk Management VP is a key member of the 2nd Line of Defence Risk Management team, tasked with assisting the 1st Line of Defence manage operational risk emanating from the rapidly evolving landscape of artificial intelligence (AI), decentralized finance (DeFi), blockchain technologies, and the digital economy.  The role is responsible for supporting the ORM framework designed to identify, assess, mitigate, and report on operational risks as it relates to AI development and deployment, the complexities of Web 3.0 (i.e., blockchain), and digital asset innovation.  The successful candidate will serve as part of the second line of defence (2nd LoD) providing independent review and credible challenge on the effectiveness of digital finance and AI processes and controls. This role will work closely with the business units and first line of defence support functions as they develop, implement, and maintain solutions across the organization including shared services. The role is global and supports the SVP Head of Technology, Information Security, Data, and Digital Economy Risk Management in executing MR Risk strategy and continuing to further implement and mature the ORM framework.

• Review and Challenge: leveraging their subject matter expertise, provide independent review and credible challenge to the Digital Economy risk profile and associated implementation of the ORM framework.
• Governance: actively engage at various committees/forums representing 2^nd LoD Risk and provide subsequent updates on changes to the Digital Economy risk profile.
• Risk Appetite: develop, maintain, and communicate risk appetite for digital and AI-driven initiatives, ensuring alignment with organizational goals and regulatory expectations.
• Risk and Control Self-Assessments (RCSA): initial challenge of the 1^st LoD RCSA’s in-line with the ORM standards including timely completion, challenging risks, controls, and assessments, and supporting escalation/reporting, including at governance committees.
• Issue Management: initial challenge of the identification, documentation, response, and reporting of issues in-line with the Issue Management standard, including completeness and accuracy of documented issues, assigned impact ratings, escalation of past due issues, and challenging closure to ensure completed actions are evidenced and sufficient to mitigate the risk.
• Operational Risk Events (ORE’s): initial challenge that the appropriate response, escalation, documentation, and reporting is in-line with the ORM framework, including post event root cause analysis to identify lessons learned and required actions to prevent recurrence.
• Key Risk Indicators (KRIs): initial challenge of the development and reporting of KRIs, including establishment of tolerance levels, 1LoD rationales where KRI’s are out of tolerance or have changed significantly.
• Emerging & Evolving Risks: initial challenge and monitoring of emerging and evolving risks, identifying where new risks need to be reported, or current risks are significantly changing.
• Champion a strong risk culture across the enterprise by educating and advising key stakeholders on emerging risks, digital landscape shifts, and regulatory developments.
• Training & Guidance: provide on-going training and guidance to 1^st LoD, assisting with the creation of training materials as needed.
• Risk Initiatives: provide 2^nd LoD initial challenge of various initiatives from a design, requirements, and go-live criteria perspective to reduce impact of transformation risk.
• Relationship Management: respected point of contact and trusted advisor to stakeholders across the business and technology functions in providing ORM coverage the Digital Economy, Technology, and Information Security risk.
• Policies, Standards & Procedures: review and credibly challenge adherence by the Digital Economy function to their Policies, Standards and Procedures, as well as adherence to MR ORM framework.
• GRC Usage & Reporting: oversee effective and comprehensive usage of the GRC tool for all ORM risk activities by the 1^st LoD ensuring it’s complete, timely, and accurate.

About the Team

MR Risk Management team was established in 2020 as the 2^nd LoD risk function across MR, establishing risk policies and providing advice, guidance and challenge to the implementation and on-going adherence to these standards. The MR Risk Management team is a global team acting as a risk management centre of excellence within MR.

For US-based roles only: the anticipated hiring base salary range for this position is $143,000 -  $208,000, depending on factors such as experience, education, level, skills, and location. This range is based on a full-time position. In addition to base salary, this role is eligible for incentive compensation. Moody’s also offers a competitive benefits package, including not but limited to medical, dental, vision, parental leave, paid time off, a 401(k) plan with employee and company contribution opportunities, life, disability, and accident insurance, a discounted employee stock purchase plan, and tuition reimbursement.

Moody’s is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, gender, age, religion or creed, national origin, ancestry, citizenship, marital or familial status, sexual orientation, gender identity, gender expression, genetic information, physical or mental disability, military or veteran status, or any other characteristic protected by law. Moody’s also provides reasonable accommodation to qualified individuals with disabilities or based on a sincerely held religious belief in accordance with applicable laws. If you need to inquire about a reasonable accommodation, or need assistance with completing the application process, please email accommodations@moodys.com. This contact information is for accommodation requests only, and cannot be used to inquire about the status of applications.

For San Francisco positions, qualified applicants with criminal histories will be considered for employment consistent with the requirements of the San Francisco Fair Chance Ordinance.

This position may be considered a promotional opportunity, pursuant to the Colorado Equal Pay for Equal Work Act.

Click here to view our full EEO policy statement. Click here for more information on your EEO rights under the law. Click here to view our Pay Transparency Nondiscrimination statement. Click here to view our Notice to New York City Applicants.
Candidates for Moody's Corporation may be asked to disclose securities holdings pursuant to Moody’s Policy for Securities Trading and the requirements of the position. Employment is contingent upon compliance with the Policy, including remediation of positions in those holdings as necessary.

For more information on the Securities Trading Program, please refer to the STP Quick Reference guide on ComplianceNet

Please note: STP categories are assigned by the hiring teams and are subject to change over the course of an employee’s tenure with Moody’s.