Sr. Technology & Operations Risk Manager

About The Position

Requirements

• 10+ years in 1st or 2nd Line Risk Management or IT Audit, with expertise in at least two areas: cybersecurity, technology, cloud risk, or emerging technologies (e.g., GenAI, Quantum).
• Strong knowledge of cybersecurity and technology; dedicated to continuous learning.
• Experience with 2LOD oversight models and disciplined documentation for oversight activities and credible challenge.
• Strong leadership, relationship management, strategic thinking, diplomacy, and negotiation skills.
• Effective team leader who drives business objectives, promotes communication and teamwork, and mentors and develops team members’ skills.
• Demonstrates outstanding analytical and problem-solving abilities, consistently utilizing evidence-based decision-making.
• Outstanding interpersonal, influencing, and negotiation abilities with executive presence.
• Holds an industry certification (CISSP, CISM, CRISC, CISA) or equivalent expertise.
• Bachelors in a relevant field or equivalent experience. A combination of education and experience may meet qualifications.
• Familiarity with financial services regulations and frameworks (FFIEC, NIST CSF/AI RMF/800-53, CSA CMM, COBIT, COSO), and practical application skills.

Responsibilities

• Provide independent 2LOD oversight of Cybersecurity, Technology and Supplier risk management.
• Define and communicate independent risk views for assigned oversight domains, including emerging risks and thematic trends.
• Evaluate alignment of 1LOD activities with enterprise risk frameworks, risk tolerances, and regulatory expectations.
• Lead and/or perform risk and control assessments, targeted reviews, and 2LOD control testing activities, to assess risk mitigation effectiveness.
• Provide embedded risk monitoring by participating in recurring and planned activities delivering real-time credible challenge and escalating material concerns when warranted.
• Monitor Key Risk Indicators (KRIs) and metrics against stated risk appetite and tolerance thresholds.
• Prepare and deliver quantitative and qualitative risk reporting to management committees, executives, and the Board.
• Identify, challenge, and escalate material risks and control weaknesses in a timely and constructive manner.
• Oversee issue identification and remediation to ensure root causes are properly addressed.
• Establish and maintain strong working relationships with technology, cybersecurity, and supply chain business partners.
• Engage with stakeholders to embed effective risk management practices into daily operations and strategic initiatives.
• Provide industry and regulatory expertise to inform risk decisions and governance discussions.
• As leader within DTCRO, collaborate with other leaders to continually mature best practices and foster a respectful, inclusive, and positive team culture.
• Lead and develop a high-performing team through hiring, coaching, performance management, and succession planning.
• Maintain accountability for budget oversight while adapting to evolving regulatory priorities, business needs, and emerging risks in support of the DTCRO organization.

Benefits

• Medical, Dental and Vision Insurance - START DAY ONE!
• Life and Disability Insurance
• Paid Parental Leave
• Adoption Assistance
• Health Savings (HSA)
• Flexible Spending (FSA)
• Dependent care accounts
• Paid Training
• Paid Time Off (PTO)
• 11 Paid Federal Holidays
• 401(k) plan with company match
• Profit Sharing
• Mental health benefits including coaching and therapy sessions
• Tuition Reimbursement for qualifying employees
• Employee Ambassador preferred banking products