What are the responsibilities and job description for the Lead, Responsible AI, Security, and Model Risk (Remote) position at CareFirst BlueCross BlueShield?
Resp & Qualifications
PURPOSE:
Drives enterprise trust and risk management for AI by owning the organizations end-to-end AI risk posture, inclusive of Responsible AI, model risk management, AI security, privacy, and compliance. Establishes and operationalizes governance frameworks, guardrails, and approval pathways that enable rapid delivery of AI solutions while meeting regulatory, security, and audit expectations. Ensures AI systems are safe, compliant, auditable, and secure across the full model lifecycle from ideation through production monitoring.
This role owns the risk decisions and guardrails that determine what AI systems may operate in production and under what conditions.
Essential Functions
Enterprise AI Risk & Governance Ownership
Education Level: Bachelor's Degree in Computer Science, Information Technology, or related field OR in lieu of a Bachelor's degree, an additional 4 years of relevant work experience is required in addition to the required work experience.
Licenses/Certifications Upon Hire Preferred
Preferred Qualifications
Travel Requirements
Estimate Amount: 5%
Salary Range Disclaimer
The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the work is being performed. This compensation range is specific and considers factors such as (but not limited to) the scope and responsibilities of the position, the candidate's work experience, education/training, internal peer equity, and market and business consideration. It is not typical for an individual to be hired at the top of the range, as compensation decisions depend on each case's facts and circumstances, including but not limited to experience, internal equity, and location. In addition to your compensation, CareFirst offers a comprehensive benefits package, various incentive programs/plans, and 401k contribution programs/plans (all benefits/incentives are subject to eligibility requirements).
Department
Agile Transformation
Equal Employment Opportunity
CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer. It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.
Where To Apply
Please visit our website to apply: www.carefirst.com/careers
Federal Disc/Physical Demand
Note: The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.
Physical Demands
The associate is primarily seated while performing the duties of the position. Occasional walking or standing is required. The hands are regularly used to write, type, key and handle or feel small controls and objects. The associate must frequently talk and hear. Weights up to 25 pounds are occasionally lifted.
Sponsorship in US
Must be eligible to work in the U.S. without Sponsorship
PURPOSE:
Drives enterprise trust and risk management for AI by owning the organizations end-to-end AI risk posture, inclusive of Responsible AI, model risk management, AI security, privacy, and compliance. Establishes and operationalizes governance frameworks, guardrails, and approval pathways that enable rapid delivery of AI solutions while meeting regulatory, security, and audit expectations. Ensures AI systems are safe, compliant, auditable, and secure across the full model lifecycle from ideation through production monitoring.
This role owns the risk decisions and guardrails that determine what AI systems may operate in production and under what conditions.
Essential Functions
Enterprise AI Risk & Governance Ownership
- Own the enterprise AI risk management framework covering model risk, Responsible AI, AI security, privacy, and compliance.
- Define, implement, and enforce AI policies, standards, operating procedures, and control requirements across the AI lifecycle.
- Establish clear decision rights and approval paths that support rapid delivery while maintaining strong controls.
- Act as the final risk authority for AI systems entering or operating in production, including documentation and sign-off expectations.
- Lead model risk assessments, validation, approvals, and documentation for AI/ML/GenAI systems.
- Define standards for transparency, explainability, performance monitoring, evaluation, and retraining triggers.
- Partner with audit and enterprise risk teams to support internal/external reviews and ensure continuous audit readiness.
- Oversee AI incident management from triage root cause remediation reporting, including control failures and model performance issues.
- Own AI security risk posture, including risks unique to LLMs and generative AI (e.g., prompt injection, data leakage, misuse).
- Partner with cybersecurity teams to implement AI-specific threat modeling, security requirements, monitoring, and detection controls.
- Define requirements for model access controls, data usage, logging, and release governance aligned to enterprise security policy.
- Ensure AI systems meet enterprise security expectations without duplicating platform/infrastructure ownership.
- Serve as the primary AI liaison to Legal, Privacy, Compliance, ERM, and Security teams.
- Interpret and operationalize regulatory requirements (e.g., HIPAA, state/federal AI guidance, emerging AI regulations).
- Ensure AI systems adhere to data protection, consent, and responsible data usage requirements.
- Translate regulatory expectations into practical guardrails delivery and engineering teams can implement.
- Lead responsible AI practices related to fairness, bias detection/mitigation, explainability, and human-in-the-loop controls.
- Define when/how human oversight is required in AI-supported decisions, including escalation and override requirements.
- Embed Responsible AI requirements into design and release processes, rather than post-hoc reviews.
- Educate delivery and engineering teams on approval criteria, risk expectations, control requirements, and compliance needs.
- Provide clear, actionable guidance so teams understand how to get to yes quickly and safely.
- Build dashboards and executive reporting that provide visibility into risk exposure, approvals status, incidents, and control health.
- Provide risk input to enterprise AI roadmaps and investment planning.
- Identify governance automation opportunities (templates, tooling, standard evidence packages) to reduce friction.
- Continuously improve policies, standards, and controls based on incidents, audits, and evolving threat/regulatory landscapes.
Education Level: Bachelor's Degree in Computer Science, Information Technology, or related field OR in lieu of a Bachelor's degree, an additional 4 years of relevant work experience is required in addition to the required work experience.
Licenses/Certifications Upon Hire Preferred
- IAAP - AIGP (Artificial Intelligence Governance Professional.
Preferred Qualifications
- Advanced degree
- Ability to motivate and influence others so that project objectives are met in a timely manner.
- Ability to collaborate with stakeholders to develop high quality solutions.
- Ability to coach, delegate, and develop architects and engineers.
- Ability to managing cross-domain architecture solutions and issues.
- Expertise with domain related architecture frameworks, methods and tools.
- Effective organizational, interpersonal/relationship management, analytical, communications (written and verbal) and collaboration.
- Must be able to meet established deadlines and handle multiple customer service demands from internal and external customers, within set expectations for service excellence. Must be able to effectively communicate and provide positive customer service to every internal and external customer, including customers who may be demanding or otherwise challenging.
Travel Requirements
Estimate Amount: 5%
Salary Range Disclaimer
The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the work is being performed. This compensation range is specific and considers factors such as (but not limited to) the scope and responsibilities of the position, the candidate's work experience, education/training, internal peer equity, and market and business consideration. It is not typical for an individual to be hired at the top of the range, as compensation decisions depend on each case's facts and circumstances, including but not limited to experience, internal equity, and location. In addition to your compensation, CareFirst offers a comprehensive benefits package, various incentive programs/plans, and 401k contribution programs/plans (all benefits/incentives are subject to eligibility requirements).
Department
Agile Transformation
Equal Employment Opportunity
CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer. It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.
Where To Apply
Please visit our website to apply: www.carefirst.com/careers
Federal Disc/Physical Demand
Note: The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.
Physical Demands
The associate is primarily seated while performing the duties of the position. Occasional walking or standing is required. The hands are regularly used to write, type, key and handle or feel small controls and objects. The associate must frequently talk and hear. Weights up to 25 pounds are occasionally lifted.
Sponsorship in US
Must be eligible to work in the U.S. without Sponsorship
Salary : $152,080 - $271,843