Manager, IT Risk Governance & Assessment

About The Position

Requirements

• Bachelor’s Degree in Information Technology, Cybersecurity, Risk Management, or a related field that provides a strong foundation for this work
• 7 or more years of experience in IT risk management, cybersecurity, compliance, or a related discipline within a large, regulated financial services environment
• Proven experience developing and managing IT risk governance frameworks, policies, standards, and controls such as NIST, ISO 27001, or COBIT
• Strong analytical skills with hands-on experience in risk identification, assessment methodologies, and root cause analysis
• Ability to translate complex regulatory requirements into clear, practical policies and controls that teams can execute
• Excellent communication skills with the ability to explain complex concepts clearly to senior executives and diverse stakeholders
• Experience managing both direct reports and matrixed teams in a dynamic, high-pressure environment
• A track record of mentoring and developing talent, including helping junior team members grow into more strategic roles

Nice To Haves

• An advanced degree that deepens your expertise in IT risk, cybersecurity, or governance
• Additional experience in enterprise risk management within a large financial services organization
• Familiarity with Agile execution environments and Scrum leadership
• Experience working within or alongside first line of defense risk functions
• Certifications or specialized knowledge that strengthen your ability to lead governance and control design

Responsibilities

• Develop, maintain, and enhance IT risk management policies, standards, and control frameworks that guide Toyota Financial Services’ approach to managing technology risk
• Own and maintain the enterprise IT Control Library, ensuring controls are aligned to regulatory expectations and industry frameworks
• Lead enterprise-wide IT risk identification and assessment efforts to uncover emerging risks, vulnerabilities, and control gaps before they become issues
• Use incident investigation insights to strengthen controls and continuously improve the organization’s risk posture
• Manage and develop direct reports and matrix resources by delegating effectively, coaching for growth, and removing barriers to success
• Build trusted partnerships with senior executives, including the CRO, CIO, CISO, CPO, and CTO, by communicating clearly and delivering credible, business-focused recommendations
• Collaborate closely with control execution teams to ensure policies and standards are implemented consistently and effectively
• Partner with governance, audit, and compliance teams to keep risk frameworks aligned with regulatory requirements and industry best practices
• Promote a strong risk-aware culture through guidance, training, and communication on core IT risk principles
• Monitor regulatory changes and emerging threats to keep the risk framework current, relevant, and effective
• Lead with a strategic mindset while supporting operational excellence in a highly regulated environment
• Foster teamwork, resilience, and professional development across your organization

Benefits

• A work environment built on teamwork, flexibility, and respect
• Professional growth and development programs to help advance your career, as well as tuition reimbursement
• Team Member Vehicle Purchase Discount
• Toyota Team Member Lease Vehicle Program (if applicable)
• Comprehensive health care and wellness plans for your entire family
• Flextime and virtual work options (if applicable)
• Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute
• Paid holidays and paid time off
• Referral services related to prenatal services, adoption, childcare, schools, and more
• Tax Advantage Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA
• Relocation assistance (if applicable)