Technology Risk Manager

About The Position

Requirements

• Bachelor's degree, or equivalent work experience
• Typically, more than 10 years of applicable experience
• Advanced knowledge of applicable laws, regulations, financial services, and regulatory trends that impact their assigned line of business
• Advanced understanding of the business line’s operations, products/services, systems, and associated risks/controls
• Thorough knowledge of Risk/Compliance/Audit competencies
• Strong management skills in processes, projects and people
• Excellent presentation, interpersonal, written, and verbal communication skills
• Strong analytical, problem-solving and negotiation skills
• Proficient computer skills, especially Microsoft Office applications
• Agile frameworks and product management practices
• Defining and mapping data-specific risks (misuse, poor quality, unauthorized access, lineage gaps, residency violations) to enterprise taxonomy
• Working knowledge of DCAM and DAMA‑DMBOK and other industry data standards and frameworks; ability to operationalize frameworks into measurable controls and KRIs
• Practical control design for cloud data platforms (Snowflake/Databricks/Azure/AWS): RBAC/ABAC, data masking, tokenization, encryption, and key management
• Experience with data domain-based operating model and scalable data products
• Strong understanding of data governance (e.g., catalog, glossary, lineage, DQ rules & monitoring, DQ exceptions handling)

Nice To Haves

• Applicable professional certifications (e.g. CRISC, ITIL, CISSP, CGEIT, etc.)

Responsibilities

• Identify, monitor, and report on processes, risks, and controls within risk appetite
• Influence risk-based outcomes within the Technology group’s portfolios
• Provide guidance on how to effectively achieve and sustain compliance with regulatory, industry and contractual obligations, as well as information security policies and practices
• Collaborate to drive strategic outcomes for the good of the overall team
• Consult on strategic initiatives that are defined by the product area owner; ensure risks are appropriately documented, reported, and escalated
• Provide advisory and implementation support in the development of management responses to manage associated risk
• Perform risk assessments to evaluate compliance with existing policies and procedures and to accurately identify risks and drive remediation processes to ensure that compliance and security gaps are addressed
• Use data analysis to help aligned Program Leaders develop proactive and anticipatory approaches to risk management
• Support aligned Technology or Business Line team in demonstrating evidence of control effectiveness and identify and escalate control gaps in a timely manner
• Deliver targeted and actionable risk reporting across various leadership levels
• Serve as a functional liaison between the Business Line and second and third lines of defense

Benefits

• Healthcare (medical, dental, vision)
• Basic term and optional term life insurance
• Short-term and long-term disability
• Pregnancy disability and parental leave
• 401(k) and employer-funded retirement plan
• Paid vacation (from two to five weeks depending on salary grade and tenure)
• Up to 11 paid holiday opportunities
• Adoption assistance
• Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law