Overview The Opportunity: This role is part of the Information Risk team, within the Group Functions (GF) Information Technology First Line of Defense. The team is responsible for performing risk-based information security assessments for new technologies and maintaining governance frameworks specific to generative AI technologies, ensuring compliance with information security standards, and managing risks associated with cloud-based, on premises and AI-driven platform and services. Responsibilities Perform GF project and technology information risk assessments including assessing risks and defining controls as well as tracking the implementation of controls. Design, document and/or implement BAU security controls applicable to the cloud-based infrastructure, platform, and services; evaluate products for implementing security controls in the cloud or on-premises spaces. Conduct comprehensive assessments of generative AI projects, identifying and mitigating risks associated with AI-generated data and outputs. Develop and implement governance frameworks tailored to generative AI, ensuring alignment with global information risk assessment methodologies. Collaborate with cross-functional teams to integrate AI governance with existing processes such as architecture review, project risk management, and Business Continuity & Disaster Recovery. Manage priorities between tasks, ensuring timely delivery of governance assessments and updates. Participate in project meetings to advise on AI-specific risks and impacts, providing timely updates to stakeholders. Ensure each AI governance assessment is peer-reviewed for completeness before distribution to stakeholders. Provide regular updates to stakeholders on the status of AI governance assessments in progress or in the backlog. Support operational AI governance activities, including oversight of ongoing AI-specific security processes (e.g., incident response, vulnerability management). Provide training to key stakeholders on AI governance processes and best practices. Respond to audits, regulatory reviews, and risk assessments related to AI governance. Stay informed on emerging AI technologies, evolving threats, and opportunities within the AI governance discipline. Qualifications 5+ years of experience in information security, with a focus on AI technologies and governance. Experience in IT/Information Risk management, particularly related to AI and data-driven projects. Deep knowledge of AI governance frameworks and relevant security standards. Familiarity with laws and standards related to AI (e.g., NIST, EU AI Act). Strong communication and influencing skills, with the ability to foster a culture of AI governance and risk management. Effective problem-solving and analytical skills, with an innovative approach to information security risk management and AI governance challenges. Strong presentation and facilitation skills for diverse audiences. Ability to build and maintain strong relationships across teams and stakeholders. Collaborative team player with excellent time management and organizational skills to handle multiple tasks and changing priorities. Nice-To-Have Understanding of the financial industry and its regulatory requirements is preferred. Education Degree in Computer Science, Information Technology, Data Science, Business Administration, or relevant educational and professional experience. Seniority level Mid-Senior level Employment type Contract Job function Finance #J-18808-Ljbffr