Chief Auditor – Artificial Intelligence (AI) Assurance Lead

Discover your future at Citi

Working at Citi is far more than just a job. A career with us means joining a team of more than 230,000 dedicated people from around the globe. At Citi, you’ll have the opportunity to grow your career, give back to your community and make a real impact.

Job Overview

The Chief Auditor Artificial Intelligence (AI) Assurance Lead is a senior level management position, reporting to the Chief Auditor Artificial Intelligence (AI), responsible for providing independent assurance over the firm’s adoption and use of AI/GenAI, ensuring risks are identified, controls are effective and governance aligns with regulatory, ethical and strategic objectives.  This role will lead and develop a team with overall accountability for directing audit activities and assessments of the risk and control environment for the adoption of AI/GenAI, applying in-depth disciplinary knowledge through value-added perspectives that is in accordance with IA standards, Citi policies, and regulations. 

Critical thinking and executive presentation skills will be important requirements of the role as themes related to risks and issues across the organization will be identified and presented to key stakeholders, such as senior management, the Audit Committee, regulators and external audit functions.  The incumbent requires a wider ranging, yet detailed knowledge of AI Risks including governance, legal, regulatory, cyber, technology, model risk and third party systems as well as a strong understanding of the fundamental risks associated with a large bank. 

The role will entail considerable co-ordination and development of resources, including partnership with business and function audit teams to meet the requirements and will therefore also require strong people management, engagement and communication skills.

As a member of the Leadership team for Audit’s Artificial Intelligence (AI), the incumbent will also play a key role in supporting the broader teams AI Assurance Tooling and Execution mandate.  In addition, the individual is responsible for contributing to the overall development of Internal Audit’s approach to AI to position Citi IA as the leading IA function in the financial services industry.

Citi IA is a dynamic global function of over 2,500 professionals located across more than 60 countries, covering Citi's global businesses and service to clients and customers through its network in 98 countries. Through a culture of continuous improvement, Citi IA is focused on maintaining its position as a best-in-class IA function and is committed to investing in people, learning and development, innovation, and methodology programs. The Internal Audit mission is to provide independent, objective, reliable, valued and timely assurance to the Board, senior management and regulators of Citigroup and Citibank (and its subsidiaries), over the effectiveness of culture, ethical conduct, governance, risk management, and controls that mitigate current and evolving risks and to enhance the control environment.  IA is a change agent within Citi to enhance the control culture of Citigroup worldwide and therefore support senior management decision making around the globe.

Citi operates in over 100 countries and provides consumers, corporations, governments, and institutions with a broad range of financial services and products. Citi strives to create the best outcomes for clients and customers with financial ingenuity that leads to solutions that are simple, creative, and responsive.

Responsibilities

Assurance Strategy & Coverage:

• Develop and deliver the AI/GenAI assurance strategy covering governance, legal, regulatory, cyber, technology, model risk and third party systems.
• Timely development, risk assessment, execution and periodic refresh of the audit plan and approach for recurring risk-based coverage on AI/GenAI
• Provide independent assessment of the firm’s AI/GenAI governance framework and operating model.
• Review controls across AI/GenAI development, deployment, monitoring and lifecycle management.
• Responsible for the coordination and delivery of high-quality, value-add multiple concurrent risk-based audit plans on time and to specification together with the assurance for AI/GenAI.  Ensuring that the delivery of audit reports are complete, insightful, timely, error free and concise. 
• Engagement with senior stakeholders upon receipt of supervisory letters/other regulatory communications, ensuring adequacy of responses and commitments provided to regulators and appropriateness of action plans to address the substance of the issue raised.
• Confirms timely delivery of high-quality comprehensive regulatory and internal audit issue validation and where determined appropriate issue validation on other remediation actions.
• Support and endorse the IA Quality Assurance (QA) team to address and resolve issues found by QA, improving audit processes and coverage.
• Taking into account emerging and established risks; industry best practices and external frameworks; legal entity and country-level regulatory requirements and an end-to-end view of the risks and controls that cross business functions, ensuring that the IA activity is sufficient and relevant to delivering timely assurance.
• Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of others and create accountability with those who fail to maintain these standards.

Risk Identification & Assessment:

• Identify and evaluate risks unique to AI/GenAI, including bias, fairness, data privacy, hallucination, misuse and adversarial attacks.
• Incorporate coverage to AI non-model artefacts (e.g. explainability, prompts, embeddings, guardrails, datasets).
• Ongoing monitoring on the impact of changes in the AI/Gen AI portfolio including regulations, emerging AI technologies and industry advances.

Regulatory & Stakeholder Engagement:

• Provide independent reporting on AI/GenAI risks, findings and recommendations to senior management and the Audit Committee.
• Partner with the broader AI team and Learning and Development teams to embed AI assurance training and build auditor competencies.
• Collaborate with the AI Assurance Tooling & Execution Lead to embed audit lessons into tooling and product planning.
• Partner with the broader IA teams to scale AI assurance across IA work programs.
• Support regulatory engagement and external experts to ensure alignment with best practices.
• Develop and maintain proactive, constructive, solutions-driven relationships as the independent auditor with senior leadership and teams across IA, business areas and functions across wider Citi to provide credible challenge and positively influence Citi’s culture, ethical conduct, governance risk management, and control frameworks. Leverage the feedback achieved from this to continually improve the definition and risk assessment of the audit universe as well as identify new and optimized ways of auditing the environment to maximize the insight achieved. 
• Advises relevant management and supervisory boards and governance committees of updates on Citi’s IA strategy and other developments; presenting and gaining buy-in to forward looking risk-based audit plans, reporting on key IA activities including key risk issues and their management and/or resolution; and providing timely assurance on culture, ethical conduct and governance, risk management and control matters.
• Build and sustain an open, constructive and co-operative relationship with global and local regulators resulting in two-way dialogue, trust in the IA function and general reliance being placed on the assurance delivered; act as the key point of contact for regulators on internal audit matters; appropriately assessing risk when business decisions are made and understanding the significant risks specific to their product or function and individual role in relation to the regulations. 
• Ensure timely and accurate provisions of IA regulatory submissions and oversee IA activities and responses to the regulatory exams.
• Coordinate with external parties to support Citi’s responses for regulatory compliance, validation of regulatory issues and ensuring timelines are met and regulatory intent is addressed. 

Leadership & Collaboration:

• Lead a specialist AI Assurance team across Governance, Legal, Tech, Model Risk and work collaboratively with other IA discipline e.g Third Party, Data to ensure a joined up and holistic approach to the assurance of AI.
• Define and embed a clear operating model, roles and responsibilities for AI/GenAI assurance within IA.
• Attract, build, motivate and maintain a diverse and high caliber industry leading assurance capability.
• Lead and collaborate with teams across Citi Internal Audit to define and execute the audit strategy in alignment with the AI/GenAI needs as well as global Internal Audit priorities.
• Provide strategic counsel to senior business and risk leaders on AI/control, governance and emerging risks.
• Work with other IA Senior Leaders to maximize the efficiency and effectiveness of IA resources, taking into consideration the experience and location of the team, as well as leveraging different audit approaches and best practice.

• Develop approaches to promote knowledge sharing and management best practices across IA, Citibank, and Citigroup 

• Identify and develop talent, providing long-term career opportunities both within IA and across other parts of Citi. 

Experience

• Candidates should have a minimum of 15 years of diversified management experience in audit or a related role with a focus on technology and data.
• Working with AI and machine learning systems, including risk management, governance, technology and models.
• International experience is preferred within highly respected, diversified and complex institutions.
• Proven experience working with regulators and managing regulatory audits or inspections.

Skills

Technical Skills:

• Strong understanding of AI and machine learning concepts, algorithms and techniques.
• Strong knowledge of IT governance and control frameworks (e.g. COBIT, NIST, Cybersecurity Framework).
• Sound understanding of key AI regulations and laws such SR11-7, FCA, MAS, PRA and EU AI Act.
• Familiarity with data governance principles, data quality management and data security practices.

Auditing Skills:

• Strong understanding of internal audit standards (e.g. IIA Standards) and risk management frameworks (e.g. COSO).
• Experience in planning and executing audits including risk assessment, control evaluation and report writing.
• Ability to identify and assess complex risks and develop effective audit procedures.
• Proficient in Risk and Control analysis and audit concepts, governance, the design and operation of risk management and control frameworks in leading international organizations.
• An understanding of how risks and control deficiencies need to be prioritized and remediated across the first and second lines of defense.

Leadership Skills:

• Excellent communication skills – both written and verbal; being able to digest vast amounts of information and be able to succinctly present messages and technical concepts to non-technical audiences.
• Strong interpersonal skills for interfacing with all levels within the organization and beyond, including senior management and regulators.  Effective influencing skills, a proactive and ‘no surprises’ approach in communicating issues and requests.
• Pragmatic problem solver, strategic and forward thinker with independence of thought.
• Promotes a culture of collaboration and teamwork across organizational boundaries; willing to break down functional silos to optimize business results and to facilitate the overall growth of the franchise. 
• Self-motivated and goal orientated.  Sense of urgency in implementing programs and evaluating priorities; decisive, action-orientated and practical.  Willing to challenge and question the status quo, making recommendations for options and best solutions. 
• Critical thinking is a key requirement of the role as themes related to risks and issues around the organization will be identified and presented to key stakeholders such as senior management, the Audit Committee, Board, regulators and external audit functions.
• An effective leader, being able to manage auditors with different experience and background, building a culture of trust and support and accountability, with a track record of identifying and developing world class talent.
• Outstanding performer, open minded, resilient, agile, energetic, self-starter, articulate and empathetic whilst being confident to deliver opinions to bring about positive outcomes.

Education & Qualifications

• Bachelor’s degree/University degree in computer science, data science, finance, accounting or a related field, or equivalent experience
• Master’s degree preferred
• Related certifications such as Certified Information Systems (CISA), Certified Internal Auditor (CIA), Certified in Risk and Information Systems (CRISC) or similar.  AI-related certifications are a plus.

Alternative locations such as Irving, India or London might be considered depending on the profile of the selected candidate.

------------------------------------------------------

Job Family Group:

Internal Audit

------------------------------------------------------

Job Family:

Audit

------------------------------------------------------

Time Type:

Full time

------------------------------------------------------

Primary Location:

New York New York United States

------------------------------------------------------

Primary Location Full Time Salary Range:

$250,000.00 - $500,000.00

In addition to salary, Citi’s offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.

------------------------------------------------------

Most Relevant Skills

Control Monitoring, Data Analysis, Industry Knowledge, Issue Management, Laws and Regulations, Professional Standards, Risk Management, Root Cause Analysis.

------------------------------------------------------

Other Relevant Skills

For complementary skills, please see above and/or contact the recruiter.

------------------------------------------------------

Anticipated Posting Close Date:

Oct 27, 2025

------------------------------------------------------

Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law.

If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi.

View Citi’s EEO Policy Statement and the Know Your Rights poster.