Technology Risk & AI Governance

About The Position

Requirements

• Bachelor’s Degree required.
• 6–10 years of experience in enterprise Technology Risk Governance or Technology audit.
• Working knowledge of technology risk management frameworks (e.g., ISO 27001/27002, NIST CSF, COBIT, ITIL) and understanding of core IT risk domains such as cybersecurity, data protection, infrastructure, and cloud.
• Experience conducting risk assessments and control testing.
• Strong analytical skills, with the ability to evaluate complex technical risks and articulate them clearly to both technical and business audiences.
• Demonstrated ability to build effective relationships, collaborate with cross-functional teams, and influence stakeholders to drive remediation and strengthen control environments.
• Excellent written and verbal communication skills, with the ability to prepare clear and concise risk reporting.
• Ability to manage multiple priorities, operate with a high degree of ownership, and work both independently and collaboratively.

Responsibilities

• Support the execution and ongoing enhancement of the Company’s Technology Risk Management Framework, ensuring alignment with the 2nd LOD strategy and overall enterprise risk governance.
• Conduct targeted technology risk assessments to identify control gaps, assess risks, recommend mitigations, and track remediation through closure.
• Perform independent reviews of technology controls across IT domains, including security controls, access management, change management, ITSM processes, data protection, and cloud controls.
• Monitor the organization’s technology risk profile by evaluating emerging risks, industry trends, incidents, and changes to the technology landscape.
• Support issue management activities, including root cause analysis, remediation planning, and validation of implemented solutions.
• Review technology-related process and project changes to identify associated risks and provide 2nd LOD risk challenge.
• Assist with preparing TRM reporting and risk insights for senior management and board risk committees.
• Build and maintain strong working relationships with the Technology organization, fostering a collaborative risk culture
• Support ongoing enhancement of the Company’s AI Risk Management Framework, ensuring alignment with applicable regulatory expectations, responsible AI practices, and enterprise risk policies.
• Maintain the enterprise AI Use Case Inventory, perform 2nd LOD review and challenge of AI models and AI use cases
• Develop and deliver regular reporting on the AI Governance Program, including AI risk metrics, inventory changes etc.

Benefits

• Medical, dental, vision and life insurance
• Retirement savings – 401(k) plan with generous company matching contributions (up to 6%), financial advisory services, potential company discretionary contribution, and a broad investment lineup
• Tuition reimbursement up to $5,250/year
• Business-casual environment that includes the option to wear jeans
• Generous paid time off upon hire – including a paid time off program plus ten paid company holidays and three floating holidays each calendar year
• Paid volunteer time — 16 hours per calendar year
• Leave of absence programs – including paid parental leave, paid short- and long-term disability, and Family and Medical Leave (FMLA)
• Business Resource Groups (BRGs) – BRGs facilitate inclusion and collaboration across our business internally and throughout the communities where we live, work and play. BRGs are open to all.