Vice President - Impact Assessments

About The Position

Requirements

• Obtain 5+ years  of experience in technology risk management, information security, or a related field, with hands-on expertise in controls testing, observation assessment, and remediation.
• Excellent communication, collaboration, and report writing skills, with the ability to influence and engage stakeholders across various functions and levels
• Demonstrated ability to evaluate technology risks and control observations, with a solid understanding of industry standards and leading practices.
• Strong analytical and problem-solving skills, with a track record of resolving risk issues and supporting remediation strategies.
• Familiarity with risk management frameworks, regulatory requirements, and compliance standards such as SOX, SOC 1, SOC 2, COSO, NIST, COBIT, and SEC guidance for internal controls over financial reporting.
• Proven ability to leverage IT expertise to support compliance initiatives and enhance control environments.

Nice To Haves

• Hold relevant industry certifications – such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)  or other recognized credentials in risk management or information security.
• Knowledge/experience in modern programming language
• Experience with cloud platforms, including Azure, AWS, or Google Cloud.
• Excellent communication and presentation skills, with the ability to influence stakeholders at all levels and effectively convey risk-related findings to both technical and non-technical audiences.
• Strong interpersonal skills and a collaborative approach to working with cross-functional and geographically dispersed teams.
• Commitment to ongoing professional development and staying current with industry trends.

Responsibilities

• Evaluate controls for effectiveness and impact on operational risk, as well as opportunities to automate control evaluation
• Collaborate closely with cross-functional teams to develop comprehensive assessment reports – including detailed findings, risk assessments, and remediation recommendations – making data-driven decisions that encourage continuous improvement
• Assess the impact of identified technology control observations on internal controls over financial reporting, ensuring timely escalation.
• Continuously monitor technology risks to ensure adherence to firm standards, regulatory requirements, and industry-leading practices.
• Develop and execute risk mitigation strategies, ensuring technology control observations are addressed through the design and implementation of effective processes and controls.
• Partner with internal control functions, internal audit, and external audit teams to support technology controls testing, as well as quarterly and annual SOX and SOC reporting programs.
• Contribute to initiatives that strengthen the management of technology risks within business processes and SOX/SOC programs by conducting ongoing process and control assessments, ensuring governance adherence, and alignment with firm standards and policies.
• Leverage artificial intelligence and monitoring tools to proactively identify, analyze, and mitigate risks by interpreting process data insights and metrics for control effectiveness.
• Lead and execute assigned technology risk assessment activities, including annual, quarterly, and ongoing reviews, walkthroughs, and oversight of control operating effectiveness.
• Develop materials and communicate impact assessment findings, recommendations, and status updates to senior leadership, business process owners, and relevant stakeholders.
• Collaborate with cross-functional teams across business and technology to design, implement, and evaluate effective technology controls, ensuring their positive impact on business processes.

Benefits

• We offer a competitive total rewards package including base salary determined based on the role, experience, skill set and location. Those in eligible roles may receive commission-based pay and/or discretionary incentive compensation, paid in the form of cash and/or forfeitable equity, awarded in recognition of individual achievements and contributions. We also offer a range of benefits and programs to meet employee needs, based on eligibility. These benefits include comprehensive health care coverage, on-site health and wellness centers, a retirement savings plan, backup childcare, tuition reimbursement, mental health support, financial coaching and more.