Senior Technology Governance Consultant

Truist Bank•Charlotte, NC

3d•Onsite

About The Position

The Senior Technology Governance Consultant leads the identification, assessment, and mitigation of technology risks to ensure regulatory compliance and a strong control environment. This role implements and enforces governance processes and controls, providing oversight and reporting to safeguard critical technology assets and support organizational objectives. The Cybersecurity Issues Intake Analyst serves as the front door for cybersecurity-related concerns and risk issues across the organization. This role is responsible for receiving, triaging and documenting cybersecurity issues and remediation plans with subject matter experts, ensuring timely visibility, consistent classification, and effective resolution tracking. The ideal candidate combines strong analytical skills, attention to detail, and foundational cybersecurity knowledge with the ability to communicate clearly across technical and non-technical stakeholders.

Requirements

Bachelor’s degree in Information Technology, Information Security, Engineering, or related field.
Minimum of 7 years of professional experience in technology governance.
Strong knowledge of regulatory requirements and compliance frameworks.
Experience applying governance assessment methodologies and control frameworks.

Nice To Haves

Master’s degree in a relevant technical or business discipline.
Experience in the financial services industry.
Professional certifications such as CRISC, COBIT, CGEIT, CISM3, or equivalent.
Strong knowledge of cybersecurity capabilities and frameworks and financial industry regulations.
Proven ability to manage complex technology governance projects, programs, and initiatives.

Responsibilities

Work with key risk stakeholders to identify and evaluate potential cyber issues including performing a risk rating analysis, and recommendation on whether concern should be formally documented as part of issue management routines.
Ensure timely creation of issue and remediation plan documentation for self-identified, audit and regulatory related cyber issues.
Collaborate with risk advisors, issues management, audit and regulatory stakeholders to collect and address feedback for issue documentation and remediation plans.
Develop and effectively manage operational metrics related to cyber issues intake initiatives.
Maintain accurate records of issues and risk stakeholder feedback throughout their lifecycle in applicable tracking systems.
Monitor issue lifecycle progress and follow up with key stakeholders to ensure timely resolution of challenges/roadblocks that arise.
Consistently document and communicate intake status, expectations, and next steps to stakeholders.
Provides detailed and timely reporting on technology risk posture and compliance to senior management and regulatory bodies.
Collaborates with cross-functional teams to integrate governance into technology projects, operations, and governance processes.
Supports internal and external reporting by preparing documentation, responding to inquiries, and may facilitate control testing.
Monitors emerging technology risks and regulatory changes, recommending proactive adjustments to governance strategies.
Manages large, complex technology governance projects and assignments and provides guidance and coaching to junior professionals and project teams within the technology governance domain.
Drives risk awareness and compliance culture across technology teams through training and communication initiatives.
Directs comprehensive technology governance assessments and control testing to identify vulnerabilities and ensure effective risk mitigation.
Implements and continuously improves technology governance frameworks, policies, and procedures.