Lead Control Management Officer - Platform Assurance

About The Position

Requirements

• 5+ years of Risk Management or Financial Services Industry experience, or equivalent experience demonstrated through one or a combination of the following: work experience, training, military experience, education.
• 5+ years of Technology Risk, Control Management, Information Security, IT Audit, SOX1 or related experience.
• 3 + years experience assessing or testing ITGCs, platform controls, cloud technologies, IAM, CI/CD pipelines, or data platforms

Nice To Haves

• Certifications such as Cloud Security Engineer, security Architect, CISSP, CISA, CRISC, or similar.
• Experience with monitoring tools, configuration management, or automation technologies.
• Knowledge of encryption standards, data protection, container security, or identity governance frameworks.
• Strong written and verbal communication skills and the ability to collaborate across diverse partner groups.
• Ability to manage multiple assessments and deadlines in a matrixed environment.
• Ability to engage and influence partners across Technology, Cyber Security, Architecture, and Risk.
• Ability to perform complex assessments and clearly convey control weaknesses and recommendations.

Responsibilities

• Lead complex initiatives designed to mitigate current and emerging risks with broad impact
• Act as key participant in monitoring, evaluating, and measuring the impact of decisions practiced in Control Management functional area
• Monitor moderately complex business specific programs, and provide risk management consulting to support the business in designing and implementing risk-mitigation strategies
• Monitor, measure, evaluate, and report on the impact of decisions and controls to the relevant business group or functional area
• Develop and implement risk monitoring and risk reporting processes and controls
• Collaborate with relevant business group to identify current and emerging risks associated with business activities and operations, and provide guidance in developing and implementing risk-mitigating strategies
• Lead Control Management project or virtual teams
• Lead and perform complex platform assurance assessments across IT General Controls (ITGC), platform engineering controls, and supporting technology services.
• Conduct hand on control testing and evaluation for emerging technology including cloud (Azure, GCP, AWS), private cloud, IAM, CI/CD, data platforms, databases, and container platforms.
• Identify and assess Consumer/Producer requirements and evaluate their implementation across enabling technologies and system-of-record governance.
• Analyze evidence, document findings, and assess platform risk posture with clear articulation of control impacts.
• Identify technology risks related to access, configuration, deployment pipelines, data protection, and operational resilience.
• Support issue lifecycle activities including root cause analysis, remediation plan review, control design improvement, and evidence validation.
• Contribute to thematic analysis across assessment outputs, threat modeling, Red Team exercises, and audit reviews.
• Assist with maintaining and maturing the platform control framework across Cloud, IAM, CI/CD, Data Management, and PAM domains.
• Support governance routines, audit readiness, regulatory documentation, and senior reporting packages.
• Maintain high‑quality assessment artifacts, testing documentation, and risk summaries for leadership and committees.
• Work with platform engineering, cyber security, architecture, and application teams to interpret control requirements and support remediation.
• Lead and conduct technical walkthroughs, testing plan, evidence reviews, and control discussions across diverse stakeholder groups.
• Build effective relationships across Technology and Control Management to drive consistent risk management practices.
• Recommend enhancements to assessment methodology, testing processes, automation, and telemetry‑based monitoring.
• Stay current on emerging technology trends, cloud control models, and regulatory expectations impacting financial institutions.
• Contribute to initiatives that improve the control environment, technology risk governance, and overall program maturity.
• Provide guidance and mentorship to junior assessors and team members.

Benefits

• Health benefits
• 401(k) Plan
• Paid time off
• Disability benefits
• Life insurance, critical illness insurance, and accident insurance
• Parental leave
• Critical caregiving leave
• Discounts and savings
• Commuter benefits
• Tuition reimbursement
• Scholarships for dependent children
• Adoption reimbursement