Manager I, Technical Risk

About The Position

Requirements

• Advanced knowledge of technology operational and regulatory risks and controls, including knowledge of risk management techniques from both detection and mitigation perspectives
• Experience in risk assessment methodology and systems
• Experience in managing audits working with internal audit and external examiners.
• Advanced knowledge of, and proficiency in, data analysis, reporting, and operations research
• Ability to develop conclusions and feasible alternatives to formulate courses of action, including forecasting and cost-benefit analysis.
• Considerable experience managing multi-dimensional teams and projects which involve organization, holding strategy and status meetings, planning, motivating, and managing the work of participants.
• Experience in managing risk and/or compliance related activities in financial services or other relevant industry.
• Advanced knowledge of applicable federal and state laws, rules, and regulations
• Experience demonstrating thought-leadership, initiative-taking, decision making and creativity in solving business problems.
• Experience managing multiple priorities independently and/or in a team environment to achieve goals.
• Advanced leadership skills and the ability to guide others and prioritize multiple duties to achieve results in a multi-tasked, time sensitive office environment.
• Advanced analytical/quantitative, reconciliation and deductive reasoning skills
• Advanced skill developing and implementing programs.
• Advanced skill building effective relationships with all levels of staff, management, stakeholders, and vendors, through rapport, trust, diplomacy, and tact.
• Advanced verbal, written, interpersonal, and presentation skills to communicate clearly and concisely technical and non-technical information to all levels of management.
• Effective skill in project management to include establishing and leading project teams; managing timelines/deadlines/resources; ensuring successful project implementation.
• Significant experience in risk management, IT, cybersecurity, or a related technical field.
• Proven experience managing large-scale technical projects with high levels of risk.
• Significant knowledge of IT systems, software development, cloud technologies, and cybersecurity best practices.
• Significant knowledge of risk management frameworks such as COBIT, NIST, ISO 27001, and FAIR.
• Proven ability to lead cross-functional teams, manage stakeholders, and communicate risk effectively at all levels of the organization with empathy and accountability.
• Excellent verbal and written communication skills, with the ability to translate technical risks into business language for non-technical stakeholders.
• Experience leading through influence, ambiguity, and change with authenticity and clarity.
• Strong critical thinking and problem-solving skills to identify, assess, and mitigate risks in a dynamic environment.
• Significant Cybersecurity & IT Governance experience
• Advanced Communication & Leadership skills
• Advanced knowledge of Regulatory Compliance
• Bachelor's or Master's degree in Computer Science, Information Technology, Engineering, or a related technical field or equivalent combination of training, education and experience
• CISA, CRISC, CISSP, PMP, CISM, ICBBR, FRM, NCCO preferred certifications

Nice To Haves

• Master’s Degree in related field or equivalent combination of training, education and experience.
• Working knowledge of NCUA and FFIEC regulations, COSO, COBIT, NIST, and other risk frameworks a plus.
• Knowledge of Navy Federal's services, products, business processes, applications, and functions.

Responsibilities

• Establish Risk Assessments and Controls Testing to evaluate control effectiveness, identifying control failures, issues and event management, facilitating risk and compliance remediation, reviewing internal and external audits, and regulatory requirements over technology risk.
• Develop and implement tools, methods, and programs to identify and mitigate technology operational and regulatory risks.
• Manage and partner on efforts to identify and develop innovative, creative, and strategic initiatives for process improvements to sustain and improve risk in REL.
• Collaborate with the Office of General Counsel (OGC), 2nd Line Regulatory Compliance, Enterprise Risk Management (EORM), Lending, Information Security, and other NFCU Business Units, Audit, and regulators to support risk and compliance-based initiatives.
• Lead the assessment of technical risks in existing systems and upcoming projects.
• Evaluate technologies, infrastructure, and processes for potential vulnerabilities and failure points.
• Conduct in-depth analysis of risks related to software, hardware, cybersecurity, data integrity, and operational processes.
• Collaborate with staff, senior management, and business unit partners to assess and support organization risk mitigation needs by developing strategies, tactics, and quality review solutions.
• Develop and implement mitigation plans to reduce identified technical risks.
• Collaborate with engineering, IT, and product teams to execute risk mitigation initiatives effectively.
• Provide clear, concise reports to senior leadership, outlining key technical risks and mitigation progress.
• Serve as Subject Matter Expert for all technical risk-related matters including incidents and risk impact.
• Ensure that all technical activities are compliant with regulatory requirements and internal governance frameworks.
• Lead ongoing risk management improvements through process optimization, technology upgrades, and staff training.
• Assess and manage risks associated with external vendors and third-party services.
• Partner closely with the Manager II to co-lead team engagement efforts, cultivate team morale, and reinforce share purpose.
• Foster a culture of respect, inclusivity, continuous improvement, and psychological safety across the team.
• Promote a culture of risk awareness and proactive risk management throughout the organization.
• Serve as a role model for emotional intelligence, demonstrating compassion, clarity, and consistency in leadership.
• Support performance and development conversations with team members by providing empathetic coaching and thoughtful accountability.
• Act as a culture carrier who helps reinforce the mission, vision, and values of the team in both day-to-day interactions and broader initiatives.
• Translate technical and operational goals into people-centric strategies that motivate and empower others.
• Identify and address interpersonal dynamics that may affect team cohesion, proactively surfacing risks to culture, communication, or morale.
• Contribute to a collaborative leadership environment by challenging ideas respectfully, embracing feedback, and aligning decisions with team and enterprise goals.
• Prioritize risks based on business impact, and work with stakeholders to design and implement mitigation strategies.
• Advanced knowledge of risk management principles, frameworks (e.g., ISO, NIST, COSO), and regulatory compliance requirements