Senior Risk Manager

About The Position

Requirements

• 15+ years of experience in technology risk management, technology audit, controls, or a related discipline within financial services or another highly regulated environment.
• Bachelor’s degree required.
• A proven, senior-level risk leader with the credibility to advise—and appropriately challenge—Technology executives.
• Demonstrated ability to influence at the enterprise level and shape strategy through clear, data-informed risk perspectives.
• A track record of building and leading high-performing teams and developing future leaders.
• Deep knowledge of risk management concepts, frameworks, and assessment methodologies.
• Strong technical fluency across IAM, network and endpoint controls, data platforms, legacy environments, cloud, and AI-enabled capabilities.
• Demonstrated information security experience and a working understanding of the cyber threat landscape.
• Strong understanding of IT regulatory expectations and compliance requirements.
• Ability to balance business priorities with risk considerations and communicate tradeoffs clearly to senior management.
• Excellent relationship management and executive communication skills; able to simplify complex topics without losing rigor.
• Experience coordinating cross-location initiatives and aligning stakeholders across functions and geographies.

Nice To Haves

• Advanced degree preferred.
• Certifications such as CPA and/or CIA are a plus.

Responsibilities

• Serve as a senior advisor to Technology leaders on cyber and technology risk across known issues, evolving threats, and emerging technologies.
• Influence enterprise strategy and provide credible challenge to senior stakeholders to ensure risk remains within the firm’s risk appetite.
• Anticipate regulatory and industry expectations; translate them into forward-looking guidance that shapes program roadmaps.
• Represent Cyber & Technology Risk on firm-wide committees, working groups, and—when needed—client and external partner discussions.
• Own and continuously enhance the cyber and technology risk program, including policies, standards, and independent control assessments.
• Escalate material risks, high-severity issues, and emerging trends to Technology leadership and relevant governance forums.
• Oversee corrective action plans and validate closure; analyze themes and root causes across audit and regulatory findings and operational risk events.
• Lead risk reviews for new products, services, and material changes; partner with Legal, Compliance, and Risk teams to align decisions to risk tolerance.
• Coordinate external assurance activities (e.g., SOC 2), including evidence management, walkthroughs, and timely responses to requests.
• Partner with Internal Audit, Compliance, and Legal to continuously strengthen the firm’s risk and control infrastructure.
• Maintain and enhance technology risk policies and standards, translating regulatory expectations into practical, implementable requirements.
• Contribute to AI governance and oversight by supporting control design, risk assessments, and adoption of firmwide guardrails.
• Design and deliver risk and control training that improves awareness, ownership, and day-to-day execution across Technology.
• Partner with Information Security to refresh security awareness content and embed coverage of emerging risks (e.g., phishing, third-party, cloud, and AI).
• Build trust-based relationships across Technology to ensure early engagement on strategy, roadmaps, major initiatives, and ongoing activities.
• Set priorities and an operating rhythm for the Cyber & Technology Risk team to deliver high-quality outcomes efficiently and consistently.
• Develop talent with strong business acumen and the ability to engage credibly with senior stakeholders.
• Hire, coach, and manage performance to build and retain a high-performing team.
• Foster a culture of intellectual curiosity, constructive challenge, and continuous improvement.

Benefits

• long-term savings
• healthcare
• income protection
• professional development opportunities
• time off