Join our team to play a pivotal role in mitigating tech risks and upholding operational excellence, driving innovation in risk management.
As a Tech Risk & Controls Lead in CFP, you will be responsible for identifying and mitigating compliance and operational risks in line with the firm's standards. You will also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry standards. By partnering with various stakeholders, including Product Owners, Business Control Managers, and Regulators, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business. Your advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage risk for a diverse team in a dynamic and evolving landscape.
Job responsibilities
- Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations
- Develop and maintain robust relationships, becoming a trusted partner with LOB technologists, assessments teams, and data officers to facilitate cross-functional collaboration and progress toward shared goals
- Uses enterprise-authorized AI capabilities within the work environment to accelerate synthesis of risk/control evidence and draft executive-ready reporting, validating outputs and handling data according to sensitivity and security requirements
- Execute reporting and governance of controls, policies, issue management, and measurements, offering senior management insights into control effectiveness and inform governance work
- Promotes reuse-first, AI-assisted approaches to streamline recurring control testing and issue/action-plan management routines, ensuring human review and alignment to auditability and regulatory expectations
- Proactively monitor and evaluate control effectiveness in a continuous manner, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance
Required qualifications, capabilities, and skills
- 5+ years of experience or equivalent expertise in technology risk management, cybersecurity, or a related field, with a focus on regulatory compliance and risk mitigation
- Technical proficiency in AI risk governance, securing platforms, applications, and business processes with deep understanding of AI threats, mitigations, and defense mechanisms.
- Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements
- Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies
- Demonstrated experience using enterprise-authorized AI capabilities within the work environment to support technology risk and controls workflows with strong validation habits and awareness of data sensitivity.
- Ability to review and validate AI-assisted risk summaries and recommendations before use, escalating when uncertain and ensuring outcomes align to security, auditability, and regulatory expectations.
- Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives
Preferred qualifications, capabilities, and skills
- CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred