Location: New York, NY, United States

Join a role that's central to our technological resilience, offering a unique opportunity to shape the firm's tech risk strategy and enhance industry compliance. 

As a Tech Risk & Controls Director in Consumer and Community Banking, Engineering Tools and Productivity, you will play a pivotal role in shaping and implementing the firm's technology risk management strategy. Leveraging your advanced knowledge and expertise in technology-risk disciplines, you will identify, oversee, and mitigate compliance and operational risks in line with the firm's standards. You will collaborate with various stakeholders, including Product Owners, Business Control Managers, and regulators, to develop and maintain a comprehensive view of the technology risk posture and its impact on the business. Your ability to make calculated decisions, manage large teams, and drive strategic projects will be crucial in ensuring the firm's adherence to regulatory obligations and industry best practices. Your work will contribute to the long-term success and resilience of the organization in an ever-evolving technology landscape.

 

Job responsibilities

• Develop and implement technology risk management strategies, policies, and processes to identify, assess, and mitigate risks, driving strategic projects and initiatives to enhance the firm's technology risk management capabilities.
• Collaborate with engineering teams to identify and implement solutions that effectively address software development lifecycle (SDLC) control adherence and drive operational excellence.
• Identify and escalate emerging and upstream technology risks through execution of the firm’s management framework tools, including risk event management, reporting, and action plan tracking.
• Provide expert counsel and technical guidance to stakeholders and team members regarding security obligations and control adherence best practices, facilitating acceptable outcomes.
• Establish and maintain strong relationships with internal and external stakeholders, including cross-functional team leads, regulators, and auditors, to ensure compliance with legal, regulatory, and industry standards.
• Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance.
• Manage reporting and governance of overall controls, policies, issue management, and measurements, providing insight to senior leaders into effectiveness of controls and informing governance work.
• Lead the end-to-end success of solutions from ideation to launch through collaboration with engineering, product, and infrastructure support teams.
• Communicate progress and risk posture to key stakeholders, providing executive-level updates and a comprehensive view of technology risk impacts.
• Drive innovative solutions and foster a culture of continuous improvement, learning, and experimentation within the team.

 

Required qualifications, capabilities, and skills

 

• 7+ years of experience or equivalent expertise in technology risk management, information security, or a related field, with a focus on risk identification, assessment, and mitigation.
• Demonstrated expertise in risk management frameworks, industry standards, and regulatory requirements relevant to the financial industry.
• Proven ability to lead large teams, manage cross-functional projects, influence executive-level strategic decision-making, and effectively translate technology insights to business strategy.
• Advanced knowledge and experience leading data security, risk assessment and reporting, and control evaluation, design, and governance, with a track record of implementing effective risk mitigation strategies.
• Prior software development and programming experience (5+ years), with familiarity in SDLC, API design principles, microservice architectures, cloud technologies, and DevOps.
• Ability to communicate technical and complex topics to both technical and non-technical audiences, building trust and alignment across diverse stakeholders.
• Strong relationship-building and interpersonal skills, with a focus on cross-functional collaboration and progress toward shared goals.
• Execution-focused, action-oriented, and strong attention to detail in managing risk and control initiatives.
• BS/BA degree or equivalent experience.
• Knowledge of industry-wide technology trends and best practices, with a passion for building an innovative culture.

 

Preferred qualifications, capabilities, and skills

 

• CISM, CISA, CRISC, CISSP, or similar industry-recognized risk and security certifications.
• Experience and expertise in AI/ML and data platforms.
• Expertise in working in large, collaborative teams to achieve organizational goals.
• Demonstrated ability to foster a culture of experimentation, learning, and creative problem-solving.

 

Lead the strategic development and implementation of technology risk management in a dynamic, evolving tech landscape.