Join our team to play a pivotal role in mitigating tech risks and upholding operational excellence, driving innovation in risk management. 

As a Tech Risk & Controls Lead in Cybersecurity Technology & Controls, you will be responsible for identifying, and mitigating compliance and operational risks in line with the firm's standards. You will also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry standards. By partnering with various stakeholders, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. Your advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape.

 Job responsibilities

Develop and maintain robust relationships, becoming a trusted partner with LOB technologists, assessments teams, and data officers to facilitate cross-functional collaboration and progress toward shared goalsExecute reporting and governance of controls, policies, issue management, and measurements, offering senior management insights into control effectiveness and inform governance workProactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory complianceLead and execute complex, cross-functional GRC programs and initiatives, ensuring they achieve strategic outcomes and align with business objectivesIdentify, manage, and mitigate delivery risks, proactively addressing potential roadblocks and implementing contingency plans to maintain program momentum

Partner with key stakeholders to iterate on design, implement, and continuously operate and enhance technology risk and control frameworks, ensuring they meet industry standards and regulatory requirements

 

Required qualifications, capabilities, and skills

Obtain 6+ years of experience or equivalent expertise in technical program management, cybersecurity, and/or technology controls rolesProficiency in cybersecurity domains, including policies and standards, risk and control assessments, and regulatory complianceProficiency in regulatory, legal, and industry standards such as NIST, ISO 27000 family, COBIT, FSP etc.Experience in developing, implementing, and operating robust risk and control frameworks to mitigate technology failure and cybersecurity risksAbility to ensure decisions or constraints affecting program delivery are effectively escalated and addressed in a timely mannerStrong verbal and written communication skills to translate technical risks into business impacts and engage with stakeholders at all levelsStrong analytical skills to dissect complex challenges, conduct thorough root cause analysis, and develop effective solutionsProficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategiesDemonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives

Preferred qualifications, capabilities, and skills

CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred

 

 

#CTC