Senior Manager, Technology Risk

About The Position

Requirements

• Bachelor's degree or equivalent practical experience in information technology, cybersecurity, or a related field.
• 8+ years of experience in technology risk, information security risk management, IT audit, or GRC in a banking or financial services environment.
• 3+ years of direct people management experience leading technology risk, information security governance, risk, and compliance, or information technology audit professionals.
• Demonstrated experience applying FFIEC IT Examination Handbook standards and OCC guidance on technology risk and information security in a bank or federally regulated institution.
• Experience engaging banking regulators (OCC, FDIC, or Federal Reserve) on technology risk, cybersecurity, or IT controls examination matters.

Nice To Haves

• Experience building or significantly enhancing a technology risk or information security GRC program in a de novo bank, early-stage bank, or similar environment where the program required meaningful design and build-out.
• Knowledge of cloud risk management and OCC/FFIEC guidance on cloud computing (OCC Bulletin 2020-46), particularly in cloud-native or fintech-adjacent technology environments.
• Familiarity with affiliate technology risk oversight, including independent oversight of bank-affiliate technology service arrangements, associated data segregation requirements, and Regulation W implications.
• Experience with GRC tool implementation or administration in a bank regulatory context.
• Current professional certification in information security or technology risk management (CISSP, CISA, CRISC, CISM, or comparable).
• Knowledge of AI/ML technology risk and related governance considerations in a fintech, lending, or model-intensive operating environment.

Responsibilities

• Provide independent second-line review and credible challenge of first-line technology and information security activities, including cybersecurity controls, software development lifecycle (SDLC) and incident response programs, technology resiliency and third-party arrangements.
• Oversee completion of the FFIEC Cybersecurity Assessment Tool (CAT) or equivalent framework; conduct technology and security risk assessments; and provide independent oversight of technology and security risks in alignment with OCC guidance on cloud computing.
• Serve as a primary second-line point of contact for OCC examiners, internal audit, and other external stakeholders on technology risk and information security program topics and inquiries; prepare and deliver technology risk reporting to risk committees, the CRO, and the board.
• Build and lead a growing Technology Risk team, shaping how the bank identifies, prioritizes, and responds to its most important technology and security risks in alignment with applicable industry regulations.
• Partner with first-line IT and cybersecurity teams, TPRM, ERM, Legal, and Compliance to ensure technology and information security risk is integrated into enterprise risk programs, cross-functional risk assessments, and the bank's overall 2LOD reporting and governance structure.

Benefits

• Competitive compensation, including base pay, bonus opportunities, and annual equity grants that vest quarterly.
• Retirement benefits to help you plan for the future, including a 401(k) or Group Retirement Savings Plan with a company match of $2 for every $1 contributed, up to $15,000 annually (USD in the US, CAD in Canada).
• Employee Stock Purchase Plan (ESPP) with discounted stock purchase options for eligible employees (US only).
• Comprehensive health coverage designed to support you and your family, including medical, dental, vision, and wellness resources for US and supplemental health coverage for Canada.
• Health Savings Account contributions from Upstart for eligible plans (US only).
• Income protection benefits, including life insurance and disability coverage for added financial security.
• Paid time off, sick leave, and company holidays, in line with local requirements.
• Paid family and parental leave to support caregiving and major life moments (duration varies by country).
• Family-centered benefits to support fertility, parenthood, and caregiving needs.
• Employee Assistance Program (EAP) offering mental health support and life-centered resources.
• Financial wellness resources, including access to financial planning tools and a financial concierge service (US Only).
• Annual wellness allowance to support your physical and emotional well-being and personal development, based on what matters most to you.
• Annual productivity allowance to invest in relevant tools and resources you need to do your best work, no matter where you work from.
• Connection and community through team events, all-company updates, and employee resource groups (ERGs).
• Onsite perks, including catered lunches and fully stocked micro-kitchens when working from one of our offices in the Bay Area, Austin, Columbus, and New York City (opening Summer 2026!).