Head of Technology Risk Management

About The Position

Requirements

• Bachelor’s degree required; advanced degree preferred.
• 8+ years in technology risk management and leadership.
• Hands-on in IT risk frameworks, disaster recovery, and vendor risk.
• Proven leadership in technology risk management, IT disaster recovery, and third-party/vendor risk programs.
• Strong understanding of risk frameworks, incident response, and regulatory requirements.
• Demonstrated leadership in large, complex, multi-divisional global settings.
• Strong communication and broad influence skills; ability to develop strong relationships with internal and external stakeholders.
• Well-developed interpersonal skills that combine both IQ and EQ.
• Strong problem-solving ability with a focus on managing to business outcomes through collaboration with multiple internal and external parties
• Executive presence and comfort interacting across all levels of the organization including senior leadership
• Hands on leader with desire to dig into the details, build new practices, work across the organization to build buy-in, but also has the ability to work on strategy and interact with executive level discussions.
• Leads and motivates others, generating commitment and a shared sense of purpose.
• Demonstrates and models Zoetis Core Beliefs in all interactions
• Accountable for delivery of measurable results with significant positive impact to ZTD
• Risk frameworks (e.g. ISO 27001, NIST, SOX, PCI-DSS)
• Extensive experience with Third Party Vendor Management risk and audit management tools
• IT business continuity and disaster recovery planning
• Incident response, risk reporting, and control testing
• Communication of complex risk concepts to technical and executive audiences

Responsibilities

• Establish process, KPIs and management reporting to govern and proactively manage accepted technology risk.
• Constantly review existing policies and tooling, driving improvements and leverage automation / AI wherever possible.
• Chair the Technology Governance & Risk Management SteerCo.
• Direct the execution of third-party risk management activities, including vendor risk assessments, ongoing monitoring, escalations, and remediation.
• Proactively manage, communicate and escalate issues to senior leadership as needed.
• Review and approval of Risks/Findings, escalating risk recommendations to management as needed.
• Assist the Legal and Procurement teams with periodic updates to the Third-Party Minimum-Security Baseline contract addendum and provide ZTD review and monitoring of controls therein.
• Define and manage TPRM Training and Communication strategy for ZTD and Business.
• Establish KPIs and management reporting, proactively provide insights to accepted risk.
• Proactively optimize the process, tools and support structure with advancements with automation and AI.
• Owns, governs the IT Escalation Management Process, constantly evaluating how to optimize.
• Serves as escalation point for technology risk events and deviations, ensuring incidents are properly recorded, investigated, escalated, and closed.
• Accountable for proactively managing accepted risk and providing management reporting.
• Refines and implements KRIs (Key Risk Indicators) embedded in daily operations.
• Oversees the planning, execution, and escalation of IT disaster recovery and business continuity efforts, ensuring proper business resilience across all divisions.
• Ensures resiliency is built for the IT environment and applications.
• Develops and executes IT resiliency procedure and plans working with ZTD and business as applicable.
• Establish KPIs and management reporting providing view of overall health of ZTD Infrastructure & IT Resiliency (DR).
• Oversee tabletop reviews and recovery testing for Edge Sites.
• Act as strategic partner with IT, business units, and leadership to mature risk management capabilities.
• Foster a collaborative culture focused on continuous improvement and learning.

Benefits

• healthcare and insurance benefits beginning on day one
• a 401K plan with a match and profit-sharing contribution from Zoetis
• 4 weeks of vacation