Risk & Control Advisor - Generative AI

Position Overview

At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our employees feel respected, valued and have an opportunity to contribute to the company’s success.

As a Risk & Control Advisor within PNC's Operational Risk Management organization, you will be based in Pittsburgh, PA / Cleveland, OH / Birmingham, AL / Houston, TX / Washington, DC / Raleigh, NC.

The Risk & Control Advisor sits within the 2

LOD (second line of defense) at the intersection of Operations and Technology Risk functions. You will report to the Senior Operational Risk Officer for Technology, Fraud, Operational Resilience and GenAI.

• Partners within risk management to plan and execute the risk management program and corresponding communication strategies. Engages the lines of business to review and challenge compliance with programs.
• Coordinates and implements the risk management program to meet regulatory expectations.
• Coordinates the timely and proper execution of the risk management program within and across the lines of business. Includes consultation to execute the program components.
• Provides risk expertise while working with the businesses and other risk partners (e.g., Compliance, Technology Risk, etc.) to proactively identify risk exposures across PNC.
• Challenges business self assessment results (including new initiatives, business as usual activities, and risk management program) and reviews applicable independent analyses.

Duties include but not limited to:

• Partner with the Data and Automation governance and engineering teams, legal, risk and compliance to support the development and execution of comprehensive risk management strategies for the firm's artificial intelligence program.
• Drive informed risk management decision making and practices for the firm's GenAI activities
• Engage with first line of defense colleagues to identify risk areas, concerns, patterns and trends
• Lead second line of defense identification, assessment, monitoring and reporting of risks relating to GenAI activities, (existing and emergent)
• Provide effective and credible risk management challenge and oversight of GenAI governance framework and deployment
• Engage deeply with technical teams to evaluate technical implementations (e.g. RAG architectures, prompt injection defenses, output monitoring) and embed governance checkpoints into CI/CD pipelines.
• Prepare concise executive level presentations and reports for governance and regulatory engagements

Required skills include, but not limited to:

• 5+ years of experience in risk management , AI/ML development, audit or compliance roles, ideally in technology driven environments
• Deep understanding of AI technologies, including machine learning, natural language processing and their associated risks
• Experience in financial services industry or a highly regulated environment is strongly preferred
• AI/ML Technical Depth:
  Hands-on experience with AI/ML development, including LLMs, RAG Architectures, and GenAI risk mitigation strategies
• Governance Frameworks:
  Familiarity with NIST AI RMG, ISO IEC 42001, and evolving regulatory landscapes (e.g. EU AI Act)
• Vendor AI Risk Assessment:
  Ability to understand risks and controls of vendor-provided AI tools and evaluate business use case risk assessments and integration into PNCs processes
• Exceptional communication skills to effectively collaborate and influence across Lines of Business
• Ability to assess nuanced risks for AI integrations beyond basic cybersecurity and data residency concerns.
• Expertise in end-to-end model lifecycle management-development validation, monitoring and retirement.
• Thought Leadership: stay ahead of emerging risks in GenAI agentic architectures and evolving regulatory landscapes. PNC will not provide sponsorship for employment visas or participate in STEM OPT for this position.

PNC Employees take pride in our reputation and to continue building upon that we expect our employees to be:

• Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
• Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.

Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and required certifications/licensures needed to be successful in this position.

Compliance Reporting, Customer Risk, Decision Making, Regulatory Requirements, Risk Assessments, Risk Control, Strategic Objectives

Decision Making and Critical…