Senior Manager, T&O Risk

BMO•Chicago, IL

2d•$102,000 - $190,000•Hybrid

About The Position

The Office of the U.S. Chief Technology & Operations Officer (CTOO) is seeking a Senior Manager, T&O Risk—a strategic, analytical leader who will shape how technology and cyber risks are measured, communicated, and understood across the enterprise. This highly visible role sits at the intersection of Technology, Cyber Security, Operations, and Executive Strategy and directly contributes to enterprise-level risk management decisions. In this role, you'll design frameworks, challenge narratives, build risk intelligence, and influence stakeholders across a global first line of defense (1st LOD) environment. You will lead projects—not people—and collaborate daily with Technology leaders, Cyber teams, Operations SMEs, vendors, and peer risk partners. This is a hybrid role based in Chicago.

Requirements

7+ years of experience in Technology, Cyber, Operational Risk, or related fields.
6+ years of hands-on risk management experience.
Strong understanding of risk, governance, and compliance frameworks.
Demonstrated experience with stakeholder management, relationship building, and influencing senior decision-makers.
Proven ability to challenge assumptions and drive clarity in technical and operational narratives.
Data-driven mindset with experience interpreting risk metrics, dashboards, and analysis.

Nice To Haves

Professional certifications such as CIA, CISA, CISSP, or CRISC are strong assets.
You are: A strategic thinker who can navigate and translate complex technology and risk themes for senior audiences.
A curious problem-solver who challenges the status quo and looks for the “why” behind every request.
A strong communicator who can build trust and influence across technical and non-technical groups.
A self-starter who can lead projects independently and move initiatives from vision to execution.
Someone who thrives working across a dynamic, global, and highly interconnected technology environment.

Responsibilities

Design, implement, and continually enhance frameworks for Technology & Operations (T&O) Risk across the first line of defense.
Lead efforts to define and modernize how risk information is gathered from technical leaders, vendors, and global partners.
Develop methodologies for meaningful Key Risk Indicators (KRIs), Key Performance Indicators (KPIs), and control effectiveness measures.
Assess and challenge the information and narratives provided by technical teams—ensuring clarity, alignment, and a strong “understanding of the why” behind requests.
Lead the strategy and operational execution of Cyber and Technology Risk reporting across key risk domains.
Build and own the roadmap for enhanced risk identification, measurement, and reporting practices.
Partner with Data & Analytics teams to surface data-driven insights, trends, emerging risks, and risk concentration points across T&O.
Elevate enterprise risk conversations by surfacing thematic risks, systemic issues, and control gaps for senior leadership and governance committees.
Act as a strategic connector between Technology, Cyber Security, Operations, Risk Management, and Executive leadership.
Engage directly with senior leaders, vendors, and cross-functional counterparts to ensure risk intelligence is timely, accurate, and actionable.
Influence how risk reporting is interpreted, communicated, and acted upon across multiple stakeholder groups.
Empower and guide risk professionals and technical partners to improve reporting, analytics, and stakeholder engagement processes.
Lead complex, high-impact projects to advance risk practices across the organization (no people management responsibilities).