Director, Technology Risk Management - REMOTE

Description

Our nationwide Financial Services client is seeking a Director of Technology Risk Management to lead the identification, assessment, and proactive mitigation of technology risks across the organization. This role ensures alignment with the company’s risk appetite, regulatory requirements, and strategic business goals.

Key Responsibilities and Expectations

• Leads execution of the Technology Risk Management framework, aligned to industry standards (e.g., NIST CSF, FFIEC, SOX ITGC).
• Translates regulatory expectations into pragmatic, delivery-aligned controls and practices across Technology and Product teams.
• Drives definition, operationalization, and monitoring of technology risk appetite, tolerances, and KRIs.
• Oversees enterprise-wide identification and assessment of technology risks across: Cloud and Infrastructure, Cybersecurity and data protection, AI and emerging technologies, and Third-party/vendor ecosystems.
• Delivers data-driven risk insights and reporting that clearly articulate risk posture, trends, and emerging risks to senior leadership.
• Evolves risk reporting from static outputs to forward-looking, decision-enabling intelligence.
• Drives continuous improvement of control maturity to meet regulatory expectations, including sustained SOX ITGC effectiveness.
• Partners with Technology teams to design and implement scalable, automated controls.
• Ensures timely and high-quality execution of regulatory exams, internal audits, and remediation commitments.
• Oversees end-to-end issue management lifecycle, including identification, prioritization, root cause analysis, and sustainable remediation.
• Drives accountability for timely remediation of high-risk issues and reduction of aged items.
• Ensures systemic fixes over point-in-time remediation.
• Leads adoption of automation and tooling to enhance risk identification, monitoring, and reporting.
• Evaluates and improves end-to-end technology processes to reduce risk, increase resilience, and enhance operational efficiency.
• Promotes integration of risk management into SDLC, product development, and change management processes.
• Establishes governance and risk oversight for AI and emerging technologies, ensuring alignment with internal standards and evolving regulatory expectations.
• Assesses risks associated with new technology initiatives and provides actionable guidance to enable safe adoption.
• Serves as a trusted partner to Technology and Business leaders to proactively manage risk.
• Leads engagement with Internal Audit, External Audit, and second line of defense functions.
• Builds and develops a high-performing team, fostering a culture of ownership, transparency, and continuous improvement.
• Performs other duties as assigned.

Qualifications - Experience/Skills/Competencies

• Minimum 10 years of experience in Technology Risk, Cybersecurity, IT Audit or related disciplines within financial services or regulated environments.
• Proven experience operating in or alongside first line technology functions, with strong business partnership orientation.
• Demonstrated success in evolving risk programs to strategic, insight-driven functions.
• Deep understanding of technology risk domains, including: Cloud and infrastructure risk, Cybersecurity and data protection, Third-party/vendor risk, and AI/emerging technology risk.
• Strong knowledge of regulatory frameworks (FFIEC, NIST CSF, SOX ITGC).
• Ability to translate complex technical risks into clear, concise executive-level reporting.
• Strong judgement, with the ability to balance risk management with business enablement.
• Proven ability to lead and develop high-performing teams.
• Strong stakeholder management skills, with experience engaging senior leadership and regulators.
• Able to drive accountability, foster collaboration, and promote a culture of continuous improvement.

Qualifications - Education - Required

• Bachelor's Degree