AI Auditor, Principal

Blue Cross and Blue Shield Association

Woodland Hills, CA

JOB DETAILS
SKILLS
Accounting, Algorithms, Artificial Intelligence (AI), Auditing, Automation, Business Administration, Business Processes, CISA - Certified Information Systems Auditor, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Certified Financial Examiner (CFE), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), Coaching, Communication Skills, Computer Science, Computer Security, Continuous Improvement, Criminal Justice, Cross-Functional, Customer/Consumer Behavior, Data Modeling, Data Science, Documentation, Financial Fraud, Forensic Science, Fraud Investigation, Healthcare, Information Technology & Information Systems, Information Technology/Systems Audit, Information/Data Security (InfoSec), Intelligence Analysis, Internal Audit, Internet Security, Leadership, Legal, Machine Learning, Maintain Compliance, Presentation/Verbal Skills, Privacy Controls, Process Improvement, Project Design, Project/Program Management, Python Programming/Scripting Language, Research Skills, Risk, Risk Analysis, Risk Management, Root Cause Analysis, SQL (Structured Query Language), Social Engineering, Systems Administration/Management, Tableau, Test Plan/Schedule, Testing, Use Cases, Writing Skills
LOCATION
Woodland Hills, CA
POSTED
4 days ago

Your Role

The Internal Audit Services team provides independent, objective assurance and advisory services to help Blue Shield of California manage risk, strengthen internal controls, and improve business processes. The AI Internal Audit Principal will serve as a manager-level leader responsible for overseeing audit, compliance, fraud detection, and investigative work related to the use and misuse of artificial intelligence systems.

In this role, you will lead and oversee AI-focused audits looking at usage, systems, algorithms with a focus on identifying inappropriate, nefarious, fraudulent, and non-compliant activity. In this role you will essentially look for bad actors / activity via AI. Experience with fraud, compliance and investigations is preferred. The AI Internal Audit Principal will partner closely with audit leadership, business stakeholders, technology teams, data science teams, Compliance, Legal, HR, Privacy, Information Security, Corporate Security, and investigations partners to identify AI-related fraud risks, detect suspicious activity, and strengthen controls that prevent, identify, and respond to misuse of AI.

Our leadership model is about developing great leaders at all levels and creating opportunities for our people to grow - personally, professionally, and financially. We are looking for leaders that are energized by creative and critical thinking, building and sustaining high-performing teams, getting results the right way, and fostering continuous learning.

Your Knowledge and Experience

  • Requires a Bachelor's degree in Accounting, Information Systems, Computer Science, Data Science, Business Administration, Cybersecurity, Criminal Justice, Engineering, or related field; advanced degree preferred, or equivalent experience
  • Requires a minimum of 10 years of prior related experience in internal audit, IT audit, technology risk, compliance, fraud detection, investigations, information security, data governance, model risk management, or related assurance functions
  • At least 3 years of experience auditing, reviewing, investigating, governing, implementing, or monitoring artificial intelligence, machine learning, advanced analytics, automation, or data-driven decision systems
  • CISA certification required, or equivalent certification such as CIA, CISSP, CRISC, CISM, CPA, CDPSE, CFE, or other relevant audit, risk, security, privacy, investigations, fraud, or technology certification
  • Experience conducting fraud investigations, compliance reviews, insider threat investigations, suspicious activity monitoring, intelligence analysis, or forensic-style reviews preferred
  • Strong understanding of internal audit standards, investigative documentation, audit evidence, risk assessment, control testing, issue development, root-cause analysis, remediation validation, and defensible reporting
  • Working knowledge of AI misuse risks, including prompt manipulation, data leakage, model abuse, unauthorized automation, synthetic content, deepfakes, social engineering, inappropriate data use, and circumvention of controls
  • Experience using analytics platforms, AI models, machine learning techniques, SQL, Python, Databricks, Tableau, log analytics, or similar tools to identify anomalous or suspicious behavior preferred
  • Knowledge of healthcare fraud, financial fraud, cyber fraud, identity fraud, employee misconduct, vendor risk, third-party technology risk, or corporate investigations strongly preferred
  • Ability to translate technical AI, data, and system activity into clear audit risks, investigative findings, control gaps, and practical recommendations
  • Strong project management skills, including the ability to manage multiple audits, investigations, timelines, stakeholders, and deliverables
  • Experience supervising, coaching, or reviewing the work of auditors, consultants, analysts, investigators, or cross-functional project teams
  • Strong written and verbal communication skills, including experience presenting sensitive or complex issues to senior leadership

Hybrid

This role requires employees to be in-office based on our hybrid workplace model, balancing purposeful in-person collaboration with flexibility. For most teams, this means coming into the office two days each week. Employees living more than 50 miles from an office location will work with their manager to determine in-office time based on business need.

Your Work

In this role, you will:

  • Lead AI-focused internal audits, advisory reviews, and investigative projects designed to detect inappropriate, nefarious, fraudulent, unauthorized, unethical, or non-compliant AI activity
  • Develop audit and investigative methodologies for detecting fraud, insider threat, compliance violations, data leakage, unauthorized automation, and misuse of internal or third-party AI platforms
  • Evaluate AI system activity, user behavior, prompts, outputs, access patterns, model interactions, system logs, configuration changes, and workflow data for indicators of bad actors or suspicious activity
  • Assess controls designed to prevent unauthorized disclosure of confidential, proprietary, regulated, member, provider, employee, or business-sensitive information through AI systems
  • Identify emerging AI-enabled fraud risks, including AI-assisted scams, synthetic identities, prompt manipulation, deepfakes, falsified documentation, automated abuse, model circumvention, and inappropriate use of generative AI tools
  • Lead cross-functional fact-finding and root-cause reviews involving suspected AI misuse, fraud, compliance violations, inappropriate data use, or circumvention of control processes
  • Design continuous monitoring approaches and analytics to identify patterns of high-risk AI usage, anomalous behavior, suspicious system interactions, and potential policy violations
  • Develop risk-based audit plans, control matrices, testing procedures, investigative workplans, and evidence standards for AI fraud, misuse, and compliance monitoring engagements
  • Supervise and coach audit team members, including review of investigative documentation, testing evidence, workpapers, issue summaries, and audit deliverables for quality, accuracy, and audit readiness
  • Communicate fraud patterns, emerging threats, root causes, control gaps, and practical recommendations to audit leadership, business partners, technology leaders, Compliance, Legal, HR, Privacy, Information Security, and executive stakeholders
  • Support annual audit planning by identifying AI platforms, business processes, high-risk use cases, data sources, and enterprise initiatives that may warrant fraud-focused audit coverage
  • Drive continuous improvement in AI fraud detection playbooks, control libraries, audit analytics, investigative templates, issue rating approaches, and remediation validation procedures
  • Promote ethical technology use, strong accountability, effective monitoring, compliant AI adoption, and a culture that identifies and escalates inappropriate AI activity

Your Work

In this role, you will:

  • Lead AI-focused internal audits, advisory reviews, and investigative projects designed to detect inappropriate, nefarious, fraudulent, unauthorized, unethical, or non-compliant AI activity
  • Develop audit and investigative methodologies for detecting fraud, insider threat, compliance violations, data leakage, unauthorized automation, and misuse of internal or third-party AI platforms
  • Evaluate AI system activity, user behavior, prompts, outputs, access patterns, model interactions, system logs, configuration changes, and workflow data for indicators of bad actors or suspicious activity
  • Assess controls designed to prevent unauthorized disclosure of confidential, proprietary, regulated, member, provider, employee, or business-sensitive information through AI systems
  • Identify emerging AI-enabled fraud risks, including AI-assisted scams, synthetic identities, prompt manipulation, deepfakes, falsified documentation, automated abuse, model circumvention, and inappropriate use of generative AI tools
  • Lead cross-functional fact-finding and root-cause reviews involving suspected AI misuse, fraud, compliance violations, inappropriate data use, or circumvention of control processes
  • Design continuous monitoring approaches and analytics to identify patterns of high-risk AI usage, anomalous behavior, suspicious system interactions, and potential policy violations
  • Develop risk-based audit plans, control matrices, testing procedures, investigative workplans, and evidence standards for AI fraud, misuse, and compliance monitoring engagements
  • Supervise and coach audit team members, including review of investigative documentation, testing evidence, workpapers, issue summaries, and audit deliverables for quality, accuracy, and audit readiness
  • Communicate fraud patterns, emerging threats, root causes, control gaps, and practical recommendations to audit leadership, business partners, technology leaders, Compliance, Legal, HR, Privacy, Information Security, and executive stakeholders
  • Support annual audit planning by identifying AI platforms, business processes, high-risk use cases, data sources, and enterprise initiatives that may warrant fraud-focused audit coverage
  • Drive continuous improvement in AI fraud detection playbooks, control libraries, audit analytics, investigative templates, issue rating approaches, and remediation validation procedures
  • Promote ethical technology use, strong accountability, effective monitoring, compliant AI adoption, and a culture that identifies and escalates inappropriate AI activity

About the Company

B

Blue Cross and Blue Shield Association

At the Blue Cross and Blue Shield Association (BCBSA), we provide business strategy, technical support and consulting expertise to 36 Blue Cross and Blue Shield companies across the nation, employing more than 1,000 of the best strategic thinkers in the industry. We are a Brand manager that sets quality control standards for the 36 independent companies that use the Blue Cross and Blue Shield Brands, and we serve as a trade association that represents these Blue companies. It is through our involvement that the Blues companies share a united vision and strategy while also benefiting from the local strength of all member companies.
COMPANY SIZE
2,000 to 2,499 employees
INDUSTRY
Insurance
WEBSITE
https://www.bcbs.com/about-us/careers