Tech Risk & Controls Lead - Product Assessments

About The Position

Requirements

• Obtain 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation within a financial institution.
• Proven ability to lead projects and teams, manage multiple assessment reviews, and collaborate effectively across functions in complex environments.
• Exceptional written and verbal communication skills, with the ability to translate complex technical and regulatory information into clear, actionable messaging for diverse audiences including senior leaders, stakeholders, and clients.
• Detail-oriented with strong documentation skills and a demonstrated ability to learn and apply new concepts quickly.
• Skilled in critical thinking, root cause analysis, and structured problem-solving to drive continuous improvement.
• Ability to ensure decisions or constraints affecting program delivery are effectively escalated and addressed in a timely manner.
• Strong background in information security, IT General Controls, risk and control frameworks, and regulatory compliance, including hands-on experience with SOX, SOC, PCI, and regulatory technology assessments.
• Growth mindset with the ability to drive strategy and execute at scale.

Nice To Haves

• CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred

Responsibilities

• Lead and execute product assessment reviews across the full lifecycle (planning, design, execution, reporting), ensuring accuracy, reliability, consistency, and compliance throughout all phases.
• Operate independently to document product assessment results with clear findings, improvement opportunities, and remediation actions.
• Communicate product assessment program status, key findings, and improvement opportunities to senior management and governance committees.
• Identify, manage, and mitigate delivery risks, proactively addressing potential roadblocks and implementing contingency plans to maintain program momentum.
• Foster a culture of continuous improvement and operational excellence, providing training and driving innovation in methodologies and processes.
• Review assessments and reports to validate they are completed on schedule, based on verified data, and address relevant regulatory requirements, risks, and controls.
• Ensure methodological rigor, consistent application of standards, and thorough review and validation of deliverables.
• Evaluate ongoing improvements to processes and tools, and verify that team members are well-trained and knowledgeable about current regulations and assessment practices.
• Ensure assessments are objective, transparent, and ethically conducted, maintaining confidentiality and data privacy, and compliance with all relevant laws, regulations, and internal policies.