Tech Risk and Controls Director

Join us in a pivotal role where your expertise in security and risk management shapes our global cyber assurance capabilities.

As an Executive Director in Enterprise Technology, Cybersecurity & Tech Controls, you will be a key architect in revolutionizing our controls catalogue, aligning it with industry-leading standards, and driving strategic transformation across the organization. Leverage your deep expertise in technology risk management and information security to identify control gaps and collaborate with industry thought leaders to reengineer our controls framework. Your strategic vision for technology application within a multi-tiered organization will be crucial in navigating complex challenges and elevating the firm's risk posture. Through inspirational leadership and strategic stakeholder engagement, you will propel the Technology Risk & Services team to new heights and ensure compliance with regulatory obligations and industry benchmarks.

The Global Technology Controls Governance team is tasked with pioneering the enhancement of the framework for technology controls. This team is pivotal in the uplift and management of these controls.

Job Responsibilities

• Architect the transformation of the controls catalogue by benchmarking against industry-leading standards and identifying control gaps.
• Collaborate with subject matter experts to reengineer existing controls and restructure them across Standards, Objectives, and Procedures.
• Engage with stakeholders in Global Technology, Risk, and Audit to optimize controls processes and frameworks.
• Align control practices with organizational policies, industry standards, and regulations, identifying game-changing enhancement opportunities.
• Present control framework updates and performance to senior management and risk committees, driving strategic insights.
• Champion strategic initiatives to enhance the firm's risk posture and technology governance.

• 15+ years of experience or equivalent expertise in technology risk management, information security, or a related field, with a focus on control innovation, assessment, and enhancement.
• Extensive knowledge of application architecture, infrastructure, security principles, and technology risks/controls.
• Proven ability to lead transformative projects and initiatives, with strong organizational and leadership acumen.
• Exceptional communication and presentation skills to convey complex risk information to stakeholders at all levels.
• Ability to rapidly adapt to and articulate changes in technology risk landscapes and emerging technologies.
• Strong stakeholder management skills, with the ability to engage and influence diverse groups.

• CISM, CRISC, CISSP, or other industry-recognized risk certifications.
• Experience in a multi-tiered organization, with a deep understanding of how technology is applied across different levels.