Tech Risk Controls Lead

Opportunity to shape risk culture and ensure technological safeguards in a dynamic, collaborative environment.

As a Tech Risk Assurance Lead in Cybersecurity & Tech Controls team, your role will involve identifying and influencing the design of technology controls to enhance the firm's ability to manage compliance and operational risk exposure. You will offer subject matter expertise and technical guidance to technology-aligned product and process owners, ensuring that controls are integrated and adhered to throughout the Global Technology organization, in line with regulatory, legal, and industry standards. By collaborating with various stakeholders, including Product Owners, Business Control Managers, and Regulators, you will help provide a comprehensive view of the technology risk posture and its impact on the business. Your advanced understanding of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively lead a diverse team in a dynamic and evolving risk environment. This position will focus on and offer personal growth in areas such as supply chain risk, software development lifecycle, and emerging technologies like blockchain and AI/ML.

Job responsibilities

• Effectively identify, quantify, communicate, and manage technology risks, emphasizing root cause analysis and resolution recommendations.
• Build and sustain strong relationships, becoming a trusted partner with line of business technologists, assessment teams, and product owners to support cross-functional collaboration.
• Facilitate progress toward shared goals through robust partnerships and collaboration.
• Execute reporting and governance of controls, policies, issue management, and measurements.
• Provide senior management with insights into control effectiveness and risk posture to ensure proper prioritization.
• Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance

Required qualifications, capabilities, and skills

• Formal training or certification on Tech Risk & Control concepts and 5+ years applied experience
• Experience in technology risk management, information security, or a related field.
• Expertise in risk identification, assessment, and mitigation.
• Familiarity with risk management frameworks and industry standards.
• Knowledge of financial industry regulatory requirements.
• Proficient in supply chain risk, software development lifecycle, and control evaluation.
• Ability to influence executive-level decision-making and translate technology insights into business strategies.

Preferred qualifications, capabilities, and skills

• CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred