Senior Risk Manager – Digital Strategy & Enterprise Automation (Commercial Bank) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Citizens · 12 hours ago

Senior Risk Manager – Digital Strategy & Enterprise Automation (Commercial Bank)

positionJohnston, RI
timeFull-time
remoteHybrid
seniorityMid, Senior Level
money$129K/yr - $150K/yr
date5+ years exp

Citizens is a commercial bank that is seeking a Senior Risk Manager to oversee risks associated with digital banking platforms and emerging technologies. The role involves leading risk assessments, developing control frameworks, and ensuring compliance with regulatory standards while collaborating with various internal teams to mitigate risks related to AI and automation.

BankingCredit CardsFinancial ServicesFinTechRetail
badNo H1Bnote

Responsibilities

Lead risk identification, assessment, and mitigation for digital platforms and emerging technologies (AI, GenAI, Agentic AI & automation)
Develop and maintain control frameworks for AI and automation use cases
Partner with business and tech teams to ensure operational and technical resiliency
Oversee risk governance activities: change control, control testing, and RCSAs
Provide regulatory guidance (e.g., OCC, FRB, GLBA, NIST) across digital initiatives
Collaborate with Second and Third Lines of Defense to maintain transparency and alignment
Support pilot programs and new product launches by assessing risk exposure and recommending mitigations
Serve as a subject matter expert on AI governance, ethical use, and risk mitigation

Qualification

Risk Management PrinciplesTechnology Risk ManagementThird Party Risk ManagementAIAutomation SolutionsRegulatory KnowledgeData & Privacy Risk OversightFinancial Industry ExperienceRisk Assessment SkillsToolsRelationship Building SkillsProblem-Solving Skills

Required

Strong Knowledge of Risk Management Principles: A solid understanding of various risk types (e.g., operational, financial, compliance, reputational) and risk management methodologies, including COSO and OCC Heightened Standards
Technology and Cybersecurity Risk Management: Focus on identifying and mitigating risks associated with the adoption and integration of AI, GenAI, Agentic AI, and automation technologies within digital banking platforms. Collaborate with technical teams to ensure the security, stability, and operational resilience of AI-enabled systems, including core banking infrastructure and intelligent payment applications. Evaluate emerging technology risks such as model drift, adversarial AI threats, and data integrity vulnerabilities. Maintain awareness of evolving cybersecurity threats and regulatory expectations, and implement proactive controls and monitoring strategies to safeguard against technology-driven disruptions and ensure compliance with frameworks such as SR 11-7, FFIEC, and NIST
Third Party Risk Management: Ensure that all third-party providers involved in the development, deployment, or support of AI, GenAI, Agentic AI, and automation solutions are identified and integrated into the Bank's Third-Party Risk Management (TPRM) program. Confirm that due diligence activities both onboarding and through ongoing monitoring—are conducted in accordance with policy requirements, with a specific focus on evaluating contact language, model governance, data handling practices, algorithmic transparency, and compliance with regulatory expectations such as SR 11-7, NIST AI RMF, and FFIEC guidance
Risk Assessment Skills: The ability to manage and execute risk assessments on new business initiatives and implement new and / or revised controls to applicable product and service risk inventories. Experience in establishing risk and control inventories and executing an annual and or ad hoc targeted risk and control self-assessment on a product and service inventory
AI, GenAI, and Automation Solutions: Foundational knowledge of AI, Generative AI (GenAI), Agentic AI, and automation solutions within enterprise environments, including their application in streamlining operations, enhancing decision-making, and enabling intelligent workflows. This includes an understanding of embedded AI use cases across various business functions and how the risk landscape evolves with the adoption of AI-driven architectures and automated process flows
Data & Privacy Risk Oversight: Knowledge of data management, data protection, and privacy requirements—including GDPR, CCPA, and GLBA—and their implications on AI and automation architectures. Skilled in assessing data quality, lineage, classification, access controls, and the handling of sensitive or regulated data throughout AI model development, deployment, and monitoring
Financial Industry Experience: Experience in the banking and financial services industry, ideally within a nationally chartered institution, with a strong foundation in regulatory compliance, operational risk, and governance. Skilled in identifying and assessing emerging risks associated with AI adoption—such as model bias, data privacy, explainability, and third-party dependencies—and ensuring that appropriate controls, testing protocols, and governance frameworks are in place. Proven ability to collaborate with cross-functional teams to embed risk management practices throughout the AI solution lifecycle, from design and deployment to post-implementation review, in alignment with regulatory expectations and organizational risk appetite
Regulatory Knowledge: Familiarity with SR 11-7 and OCC 2011-12 for model risk management, FFIEC guidance on cybersecurity and third-party risk, the NIST AI Risk Management Framework, data privacy laws such as GDPR and CCPA, Basel's Principles for Operational Resilience, and applicable SEC/FINRA regulations, all within the context of responsible AI governance
Relationship Building Skills: The ability to develop, maintain, and enhance internal and external business relationships to facilitate risk advisory, knowledge sharing, and familiarity with ongoing industry trends and best practices
Problem-Solving Skills: The ability to independently identify and resolve risk-related issues
Knowledge of Tools: GRC Archer, JIRA, Confluence, Excel, Tableau
Bachelor's degree in Technology, Cybersecurity, Computer Science, or related field
5–8 years of progressive experience in Risk, Audit, or Compliance, with a strong foundation in Technology Risk, Cybersecurity, and / or Information Security frameworks, as well as exposure to AI, automation, or enterprise digital modernization efforts

Preferred

Certifications (preferred): CISA, CIA, CRISC, IAPP AIGP, CISSP, Security +

Benefits

Comprehensive medical, dental and vision coverage
Retirement benefits
Maternity/paternity leave
Flexible work arrangements
Education reimbursement
Wellness programs
Paid time off policy exceeds the mandatory, paid sick or paid time-away policy of every local and state jurisdiction in the United States

Company

Citizens

twittertwittertwitter
Glassdoor3.6
company-logo
At Citizens, we recognize that the journey to accomplishment is no longer linear and that individuals are made of all they have done and all they are going to do.
dateFounded in 1828
location
Providence, Rhode Island, USA
people-size10001+ employees
web-link
https://www.citizensbank.com/

Funding

Current Stage
Public Company
Total Funding
$2B
2025-02-26Post Ipo Debt· $750M
2024-07-09Post Ipo Debt· $1.25B
2014-09-23IPO

Leadership Team

leader-logo
Melisa Carrascoza
SVP, Business Banking Market Executive - New England South
linkedin
leader-logo
Steve Kozek
Head of Commercial Excellence, Senior Vice President
linkedin

Recent News

Business Wire
Citizens Financial Group, Inc. Reports Fourth Quarter 2025 Net Income of $528 million, up 32% YoY, and EPS of $1.13, up 36% YoY
2026-01-22
Business Wire
Citizens Financial Group to Participate at the UBS Financial Services Conference
2026-01-22
Talk Business & Politics
Connections: New hires announced at Walton School of Medicine
2026-01-19
Company data provided by crunchbase