Director- Enterprise Data & AI Risk Advisory (Technologies)

Job Description

Joining Amex Tech means discovering and shaping your contribution to something big. Here, you can work alongside talented tech teams and build a unique career with the Powerful Backing of American Express. With a range of opportunities to work with the latest technologies, and a commitment to back the broader engineering community through open source, our mission is to power your success. Because Amex Tech is powered by our technology, our culture, and our colleagues.
The Technology organization enables and accelerates the company’s growth strategies, delivering global capabilities and services in support of Amex’s customers and colleagues, while maintaining 24/7 servicing and availability to ensure an uninterrupted, high-quality customer experience. Technology provides the foundation for everything we do in the company while driving differentiation through building and leveraging innovative technology and data insights.

Joining ETS Governance & Control means helping protect American Express customers and company through integrated, intelligence-driven technology risk and control management. Operating at the intersection of technology, governance, and risk, the team partners across the enterprise to modernize the foundation, advance risk intelligence, demonstrate trust at scale, and reduce material risk—enabling innovation with the right controls in place.

By building simplified, consistent frameworks and embedding continuous assurance, ETS Governance & Control enhances transparency, accountability, and sustainable risk reduction. The work is about empowering confident decisions, accelerating responsible delivery, and ensuring controls evolve with the business to strengthen trust and reduce enterprise risk at scale.

The Enterprise Technology Services organization partners with every part of the American Express business to power the company’s growth and innovation with trust and efficiency, and drive competitive differentiation with speed. We support the delivery and operations of technology, digital, and data capabilities, platforms, and services globally. Specifically, our team is responsible for the company’s technology engineering, architecture, and infrastructure, providing 24x7 support to ensure an uninterrupted, high-quality experience for customers and colleagues. We also provide product management for core enterprise platforms, and lead technology risk and information security, enterprise data governance and platforms, digital product and design, and enterprise AI platforms on behalf of the company.

The Director, Enterprise Data & AI Risk Advisory serves as a First Line of Defense (FLOD) Technology Risk and Control leader supporting the Enterprise Data & AI (EDAI) organization within Enterprise Technology Services.

This role serves as a strategic partner to EDAI leadership, helping enable the enterprise's Data and AI strategy through effective risk management, governance, and control practices. The Director provides risk leadership across Enterprise Data Governance, Enterprise Privacy Governance & Enablement, Enterprise AI/ML Engineering, and Enterprise Data Platforms, ensuring enterprise data and AI capabilities are deployed responsibly, governed effectively, and aligned with enterprise risk standards.

Leading a team of risk advisors, the Director partners closely with EDAI leadership and their teams to assess and manage risks associated with enterprise data products, data platforms, AI-enabled capabilities, cloud-native technologies, and emerging AI ecosystems. This role does not build or own technology solutions; rather, it helps establish the governance, risk management, and control frameworks that enable EDAI to innovate at scale while maintaining trust, resilience, and regulatory compliance.

As a trusted advisor to EDAI leadership, this individual will influence strategic decisions, strengthen governance and risk transparency, and help navigate emerging risks associated with Generative AI, agentic AI, advanced data platforms, and evolving regulatory expectations.

Responsibilities

• Serve as a Technology Risk and Control advisor to Enterprise Data & AI leadership, providing strategic guidance on data, privacy, AI, and technology risks.
• Lead and develop a high-performing team of Technology Risk and Control professionals, fostering a culture of accountability, innovation, continuous learning, and operational excellence.
• Drive risk identification, risk assessments, control evaluation, issue management, and risk reporting across enterprise data, privacy, AI, and technology capabilities to strengthen the overall risk and control environment.
• Partner with Enterprise Data & AI leadership and their teams to assess, manage, and govern risks associated with enterprise data products, Enterprise Data Platforms, AI enablement initiatives, and strategic technology transformation programs.
• Establish and embed scalable risk and control practices across modern technology delivery environments, including cloud-native architectures, platform engineering, APIs, Agile delivery, DevOps, MLOps, and AI development lifecycles.
• Represent Technology Risk and Control within key governance forums, including Data Governance, Privacy Governance, AI Enablement, and Model Risk Management councils, helping ensure accountability, policy alignment, and effective governance outcomes.
• Provide forward-looking risk insights on emerging technologies and evolving risk landscapes, including AI/ML, Generative AI, agentic AI, intelligent automation, enterprise data platforms, and regulatory developments.
• Partner across all lines of defense, including Compliance, Legal, Model Risk Management, Independent Risk Management, Audit, and regulators to support effective governance, regulatory readiness, and risk management outcomes.

Qualifications

• 8+ years of experience with demonstrated leadership in AI Risk, Data Risk, Technology Risk, Risk & Control Management, Cyber Risk, or related disciplines within a large, highly regulated organization.
• Experience supporting AI/ML, Generative AI, and emerging agentic capabilities, including knowledge of AI enablement, model lifecycle management, responsible AI principles, and evolving regulatory expectations.
• Deep expertise in technology risk and control management, including governance, risk assessments, control effectiveness, issue management, risk reporting, and regulatory engagement.
• Strong understanding of enterprise data governance, data protection, privacy, Enterprise Data Platforms, data products, and associated risk management practices.
• Strong executive presence and the ability to advise senior leaders on technology, data, privacy, and AI risks, translating complex issues into clear business implications and actionable decisions.
• Significant experience partnering across all lines of defense and engaging effectively with regulators, audit, compliance, legal, and enterprise risk management stakeholders.
• Proven experience building and leading high-performing teams while influencing outcomes across complex, matrixed organizations.
• Bachelor's degree required; advanced degree preferred in Technology, Engineering, Business, Risk Management, Data Science, or a related field.

Employment eligibility to work with American Express in the United States is required as the company will not pursue visa sponsorship for these positions.