Lead Control Management Officer - Cloud Platforms

About The Position

Requirements

• 5+ years of Risk Management or Financial Services Industry experience, or equivalent experience demonstrated through one or a combination of the following: work experience, training, military experience, education.
• 3+ years focused on cloud technologies with a strong understanding of cloud platforms (Azure, GCP, OpenShift Container Platform) and financial regulatory requirements.

Nice To Haves

• Cloud Certified Solutions Architect, Cloud Certified Security Engineer, CISSP, CISA, CRISC.
• Expertise in cloud security, IAM, encryption and compliance frameworks
• Strong analytical, problem solving and stakeholder management skills
• Familiarity with automation tools and cloud monitoring solutions

Responsibilities

• Act as an advisor to more experienced leaders in developing risk mitigation strategies for complex and highly integrated business specific risk across different business lines
• Monitor, measure, evaluate, and report impact of decisions and business controls to the relevant business group and enterprise function
• Lead the strategy and resolution of highly complex current and emerging risks requiring in depth evaluation across multiple areas or the enterprise, as well as good understanding of financial crimes, operational risk, audit, legal, credit risk, market risk, IT systems security, and business process management
• Provide vision, direction, and expertise to more experienced leaders on implementing innovative and significant business solutions for highly complex risks associated with business operations
• Lead and mentor Control Management project or virtual teams
• Engage with all levels of roles across the business group, and serve as an experienced advisor in designing and implementing risk mitigation strategies, business processes, and controls that mitigate risks and address regulatory requirements
• Develop and maintain a comprehensive control framework for cloud platforms (AWS, Azure, GCP) aligned with financial industry standards.
• Identify, assess, and remediate technology risks related to cloud services, including operational resilience and third-party risk.
• Perform regular risk assessments, control testing, and ensure adherence to enterprise risk appetite.
• Ensure compliance with financial regulations (e.g., FFIEC, OCC, SEC, GDPR) and internal policies.
• Partner with internal audit, compliance, and regulatory teams to address findings and implement remediation plans.
• Maintain governance documentation for regulatory exams and audits.
• Collaborate with cloud engineering and cybersecurity teams to embed security and compliance controls in architecture and deployments.
• Review and approve cloud configurations, IAM policies, encryption standards, and data residency requirements.
• Monitor for vulnerabilities and ensure timely remediation in accordance with financial sector security standards.
• Act as a trusted advisor to technology teams, risk management, and business units on cloud risk and compliance requirements.
• Provide guidance during cloud migration projects and new service implementations.
• Deliver training and awareness programs on cloud risk management and regulatory compliance.
• Stay informed on emerging cloud technologies, regulatory changes, and risk trends impacting financial institutions.
• Recommend enhancements to control processes, automation opportunities, and operational resilience strategies.
• Drive initiatives to strengthen cloud governance and reduce risk exposure.

Benefits

• Health benefits
• 401(k) Plan
• Paid time off
• Disability benefits
• Life insurance, critical illness insurance, and accident insurance
• Parental leave
• Critical caregiving leave
• Discounts and savings
• Commuter benefits
• Tuition reimbursement
• Scholarships for dependent children
• Adoption reimbursement