AVP, IT & AI Governance

About The Position

Requirements

• Strong knowledge of IT governance frameworks and standards (COBIT, ITIL, NIST, ISO 27001)
• Proficiency with IT governance, risk, and compliance tools
• Solid understanding of IT infrastructure, applications, and cybersecurity principles
• Excellent written and verbal communication skills; able to convey complex concepts to non‑technical audiences
• Strong analytical and critical thinking skills with sound judgment in complex situations
• Proven leadership and people management capabilities
• Experience leading projects and initiatives from inception through execution
• Ability to manage multiple priorities in a fast‑paced environment
• Demonstrated ability to develop and implement IT policies, procedures, and controls
• Strong interpersonal skills with the ability to influence stakeholders at all levels
• Bachelor’s degree in Information Technology, Computer Science, Business Administration, or a related field
• A minimum of 8-10 years of experience in IT governance, risk management, or a related field, with at least 3 years in a leadership role
• Experience with regulatory compliance and risk management in the IT domain

Nice To Haves

• Master’s degree preferred
• Certifications such as CISA, CISM, CRISC, or CGEIT are highly desirable.

Responsibilities

• Lead enterprise IT and AI governance frameworks aligned with NIST, SCF, NYDFS, and regulatory best practices
• Embed AI governance into IT, data, and enterprise risk programs
• Ensure governance is scalable, repeatable, and audit-ready
• Partner with Model Risk Management to align with SR 11‑7 and OCC/Fed guidance
• Set standards for AI/model documentation and lifecycle oversight
• Govern internal, third‑party, and Generative AI solutions
• Maintain AI risk taxonomy, reporting, and escalation
• Identify, assess, and monitor IT and AI risks
• Own mitigation strategies, control frameworks, and centralized risk register
• Lead risk assessments, governance reviews, and control testing
• Ensure compliance with IT and AI regulatory requirements
• Establish AI compliance monitoring
• Serve as primary liaison for audits and regulatory exams
• Maintain documentation, evidence retention, and audit trails
• Develop and maintain IT and AI policies, standards, and procedures
• Lead periodic reviews and operational adoption
• Align governance with IT and digital transformation strategy
• Provide governance review for new technology initiatives
• Assess emerging AI technologies prior to adoption
• Define AI governance standards for vendors
• Partner with Vendor Risk to assess controls, transparency, validation, and data protections
• Ensure AI‑specific contractual safeguards
• Define KPIs and KRIs for IT and AI governance
• Report risk posture, compliance status, and remediation to leadership
• Drive continuous improvement
• Advise leaders on responsible AI adoption
• Promote ethical technology use and risk awareness
• Lead governance training and cross‑functional forums
• Lead and develop the IT Governance team
• Build enterprise AI governance capabilities
• Establish clear accountability across IT, Risk, Compliance, and business teams