Technology & Data Risk Controls Director

CoBank•Greenwood Village, CO

1d•$161,100 - $198,100•Hybrid

About The Position

The Technology & Data Risk Controls Director is a recognized subject matter expert responsible for shaping the enterprise-wide strategy, standards, and evolution of the technology and data control environment. This role applies deep expertise across regulatory, operational, and technology risk disciplines to define forward-looking control frameworks that align with corporate objectives and enable secure, scalable innovation. Leads the development of enterprise control principles, methodologies, and practices, ensuring alignment with ICFR, SOC 1/SOC 2, regulatory, and emerging risk expectations. Acts as a trusted advisor to senior leadership, influencing technology strategy, architecture decisions, and transformation initiatives to embed risk and control considerations at the foundation. Accountable for driving outcomes that materially impact the effectiveness of the organization's control environment. Champions innovation in control design, automation, and continuous monitoring, leveraging advanced analytics, AI-enabled capabilities, and evolving industry standards. Serves as a key enterprise liaison with Internal Audit, External Audit, and Second Line functions, representing the organization on complex, high-impact control matters.

Requirements

Bachelor's Degree in Computer Science, Information Systems, Accounting, Finance, Risk Management, or a related field required
Bachelor's degree may be substituted with four years of related experience (four years is in addition to what is minimally required for the role), or an equivalent combination of education and related experience required
12 years of experience in technology, risk management, internal controls, operational risk, audit, or a related discipline within a regulated financial services environment required
4 years of hands-on development in data centers and cloud environments required
Recognized subject matter expert in technology and data control environments.
Advanced knowledge of ICFR, SOC 1/SOC 2, regulatory expectations, and industry control frameworks (NIST, ISO, COBIT).
Demonstrated ability to influence executive-level stakeholders and shape enterprise strategy.
Proven track record of leading enterprise-scale initiatives and driving measurable outcomes.
Experience leveraging analytics and AI-enabled tools to enhance risk and control capabilities.
Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment visa at this time.

Nice To Haves

Professional certifications (CPA, CISA, CRISC, etc.) strongly preferred.

Responsibilities

Translates ICFR, SOC 1, regulatory, and operational risk requirements into practical guidance for technology and data control owners.
Leads the development of forward-looking control frameworks and methodologies that address emerging risks in cloud, data, AI, and digital transformation environments.
Provides thought leadership on the integration of control design into enterprise architecture, delivery models, and innovation strategies.
Leads Technology & Data Risk Control Self‑Assessments (RCSAs), ensuring credible, consistent evaluation of control design and operating effectiveness.
Establishes and maintains enterprise control standards, policies, playbooks, and governance models to ensure consistency, scalability, and effectiveness across all technology and data domains.
Ensures alignment of the control environment with regulatory expectations, industry frameworks (NIST, ISO, COBIT), and leading practices.
Leads resolution of highly complex and ambiguous control challenges, including those involving emerging technologies, cross-functional dependencies, and evolving regulatory landscapes.
Applies conceptual and strategic thinking to evaluate intangible risks, interdependencies, and long-term implications of technology and data initiatives.
Drives root cause analysis and systemic remediation strategies for significant control failures or operational incidents.
Serves as a trusted advisor to senior executives and technology leaders, influencing decisions on strategy, architecture, and large-scale transformation initiatives.
Creates and leads formal networks across Technology, Risk, Compliance, and Audit functions to align priorities and coordinate enterprise control initiatives.
Represents the organization in complex audit, regulatory, and external engagements, providing authoritative expertise on technology and data controls.
Leads the enterprise roadmap for control automation and continuous monitoring, driving innovation in evidence generation, control testing, and reporting.
Leverages analytics, AI-enabled tools, and advanced technologies to enhance risk sensing, improve control effectiveness, and reduce operational burden.
Champions adoption of “control-by-design” principles across product development, system implementation, and process transformation efforts.
Accountable for the effectiveness, scalability, and maturity of the technology and data control environment across the organization.
Drives measurable improvements in control reliability, audit outcomes, and operational risk reduction.
Oversees and guides the resolution of enterprise-level control issues, ensuring timely and sustainable remediation.
Provides strategic oversight of technology and data resilience frameworks, including business continuity and disaster recovery alignment with enterprise objectives.
Ensures integration of control considerations into resilience planning, testing strategies, and recovery processes.