Tech Risk and Controls Director

About The Position

Requirements

• 7+ years of experience or equivalent expertise in technology risk management, information security, or a related field, with a focus on risk identification, assessment, and mitigation.
• Demonstrated expertise in risk management frameworks, industry standards, and regulatory requirements relevant to the financial industry.
• Proven ability to lead large teams, manage cross-functional projects, influence executive-level strategic decision-making, and effectively translate technology insights to business strategy.
• Advanced knowledge and experience leading data security, risk assessment and reporting, and control evaluation, design, and governance, with a track record of implementing effective risk mitigation strategies.
• Prior software development and programming experience (5+ years), with familiarity in SDLC, API design principles, microservice architectures, cloud technologies, and DevOps.
• Ability to communicate technical and complex topics to both technical and non-technical audiences, building trust and alignment across diverse stakeholders.
• Strong relationship-building and interpersonal skills, with a focus on cross-functional collaboration and progress toward shared goals.
• Execution-focused, action-oriented, and strong attention to detail in managing risk and control initiatives.
• BS/BA degree or equivalent experience.
• Knowledge of industry-wide technology trends and best practices, with a passion for building an innovative culture.

Nice To Haves

• CISM, CISA, CRISC, CISSP, or similar industry-recognized risk and security certifications.
• Experience and expertise in AI/ML and data platforms.
• Expertise in working in large, collaborative teams to achieve organizational goals.
• Demonstrated ability to foster a culture of experimentation, learning, and creative problem-solving.

Responsibilities

• Develop and implement technology risk management strategies, policies, and processes to identify, assess, and mitigate risks, driving strategic projects and initiatives to enhance the firm's technology risk management capabilities.
• Collaborate with engineering teams to identify and implement solutions that effectively address software development lifecycle (SDLC) control adherence and drive operational excellence.
• Identify and escalate emerging and upstream technology risks through execution of the firm’s management framework tools, including risk event management, reporting, and action plan tracking.
• Provide expert counsel and technical guidance to stakeholders and team members regarding security obligations and control adherence best practices, facilitating acceptable outcomes.
• Establish and maintain strong relationships with internal and external stakeholders, including cross-functional team leads, regulators, and auditors, to ensure compliance with legal, regulatory, and industry standards.
• Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance.
• Manage reporting and governance of overall controls, policies, issue management, and measurements, providing insight to senior leaders into effectiveness of controls and informing governance work.
• Lead the end-to-end success of solutions from ideation to launch through collaboration with engineering, product, and infrastructure support teams.
• Communicate progress and risk posture to key stakeholders, providing executive-level updates and a comprehensive view of technology risk impacts.
• Drive innovative solutions and foster a culture of continuous improvement, learning, and experimentation within the team.

Benefits

• We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location.
• Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions.
• We also offer a range of benefits and programs to meet employee needs, based on eligibility.
• These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more.
• Additional details about total compensation and benefits will be provided during the hiring process.