IT Director I - First Line IT Governance, Risk, and Controls

About The Position

Requirements

• 10+ years direct experience in IT Governance, IT Risk Management, Cybersecurity, Compliance, or Technology Audit.
• Bachelor's degree in Information Technology, Cybersecurity, Risk Management, or a related field required
• Proven leadership experience with the ability to manage and develop teams, drive accountability, and foster collaboration across IT and business units.
• Intermediate to advanced knowledge of general Financial Services or Banking is preferred.
• Intermediate to advanced knowledge of regulatory and compliance frameworks (e.g., FFIEC, SOX, GLBA) and industry standards (e.g., NIST, ISO).
• Experience managing IT risk programs and governance processes, including KRIs, control inventories, audit coordination, and regulatory deliverables.
• Ability to analyze complex data sets and summarize findings into actionable insights for governance reporting and executive presentations.
• Exceptional communication skills, both written and verbal, with the ability to influence stakeholders and present to senior leadership and committees.
• Advanced to expert experience in risk management tools and platforms and familiarity with IT control frameworks.
• Advanced to expert ability to analyze a variety of data and summarize findings in applicable reports or other communication mediums.
• Utilize data to identify areas of improvement and opportunities for growth by collaborating with business and tech leads.
• May require up to 25% travel.

Nice To Haves

• Relevant industry certifications preferred (e.g., CISA, CRISC, CISSP, CISM, CGEIT, ITIL).
• Advanced degree or certifications (e.g., CRISC, CISA, CISSP) preferred.

Responsibilities

• Lead the delivery of technology solutions leveraging partnerships with other technology teams, business teams and leaders, strategic partners, and third-party technology providers.
• Collaborate with internal business partners to proactively address ongoing customer needs and ensure rapid resolution to open issues.
• Foster a collaborative environment with focus on continuous improvement and delivery of working software.
• Drive the strategic planning for the delivery of products and services as well as evaluate Technology and set standards.
• Recommend improvements to established business processes as well as to continue to deliver high value in execution.
• Create comprehensive project plans as well as to remove any impediments and track overall project performance, specifically to analyze the successful completion of business short-term and long-term goals.
• Oversee IT Governance, Risk & Compliance (GRC) functions including regulatory compliance management, policy governance, IT risk assessments, third‑party technology risk, audit engagement management, issue/exception oversight, and the enterprise identity, access and service management governance program.
• Oversee the development, tracking, and reporting of IT KRIs within GRC and Workfront platforms to provide timely insights into emerging risks and trends.
• Coordinate and help lead reviews of Service Organization Control (SOC) reports to validate IT control effectiveness and identify potential gaps impacting risk posture.
• Ensure the accuracy and completeness of the IT risk control inventory, including updates for new controls, retirements, and alignment with regulatory and internal standards.
• Develop and deliver high-quality materials for governance forums, ensuring clarity on risk issues, mitigation strategies, and decision-making support.
• Oversee IT participation in regulatory exams, internal audits, and enterprise risk reviews, ensuring consistent messaging and readiness.
• Serve as a trusted advisor to IT stakeholders by offering guidance on risk identification, exception management, mitigation strategies, and compliance with enterprise risk frameworks.
• Aggregate and analyze data for issue owners to monitor remediation progress and escalate delays or concerns to leadership.
• Oversee the execution of mock regulatory exams and remediation exercises to strengthen preparedness for supervisory reviews and internal assessments.
• Prepare and present risk and control updates for key governance bodies, ensuring transparency and actionable insights.
• Create executive-level reports and presentations that communicate IT risk posture, trends, and strategic initiatives to senior leadership.
• Participate in building the IT organization's strategy for employee development, retention, resource allocation, talent management, performance management, and achieve a diverse and engaged workforce as well as recruit, train, and evaluate staff members work.
• Participate in the annual budget planning and management process as well as business cases reviews, execution plans, and operating plans for their teams.

Benefits

• competitive salaries
• an ownership stake in the company
• medical and dental insurance
• time off
• a great 401k matching program
• tuition assistance program
• an employee volunteer program
• and a wellness program