Tech Risk Assurance Lead

Opportunity to shape risk culture and ensure technological safeguards in a dynamic, collaborative environment.

As a Tech Risk Assurance Lead in our Cybersecurity and Technology Controls team, you will lead expert technical risk assurance and control oversight to ensure the firm's products and lines of business achieve their objectives while effectively managing risk. Utilizing your background in technology risk management, you will work with cross-functional teams to identify, assess, and mitigate emerging risks and vulnerabilities. Your tactical and strategic decision-making will significantly impact the firm's operations, financial management, and public image. You will play a crucial role in fostering a robust risk culture and catalyzing continuous improvement, contributing to the development and implementation of comprehensive risk management policies, standards, and controls.

This role is pivotal in ensuring the security and resilience of our technology infrastructure and will focus on the identification, analysis, and management of technology risks. The ideal candidate will have a strong background in cybersecurity and technology, with a keen ability to gather and review findings and telemetry data, conduct root cause analysis, and articulate risk effectively.

Job responsibilities

• Collect and meticulously review findings and telemetry data to ensure comprehensive risk assessment. Utilize advanced data analytics to identify patterns and anomalies that may indicate potential risks. providing a comprehensive risk assessment.
• Conduct thorough root cause analysis to identify the underlying causes and themes of issues and incidents, developing actionable insights and recommendations to address these root causes and prevent recurrence.
• Leverage subject matter expertise in cybersecurity controls and technology operations to identify emerging issues and articulate associated risks clearly. Communicate risk findings to stakeholders in a manner that is both informative and actionable.
• Collaborate with cross-product and functional teams to analyze high-priority risks, evaluate gaps in related standards and controls, and create outputs that propel remediation plans, controls, and standards development.
• Prepare detailed reports and documentation of risk assessments, findings, and recommendations. Ensure all documentation is accurate, comprehensive, and accessible to relevant stakeholders.
• Develop and maintain strong business and technology relationships, becoming a trusted partner. Communicate risk and control findings with key stakeholders, develop recommendations, and provide accurate metrics and management reports
• Stay abreast of the latest developments in technology and cybersecurity to continuously improve risk management processes. Implement innovative solutions to enhance the organization's risk posture.
• Champion the adoption of emerging technologies and industry best practices to enhance the firm's risk management capabilities and fuel continuous improvement initiatives.

Required qualifications, capabilities, and skills

• 5+ years of experience or equivalent expertise in technology risk management, cybersecurity, or a related field, focusing on risk assessment and mitigation.
• Strong analytical skills and experience in data analysis and root cause analysis.
• Subject mater expertise in at least one of the following domains: Technology Operations, Vulnerability Management, Data Protection & Cryptography, Security Operations, Security Config, Technology Development/SDLC, Technology Resiliency or Identity and Access Management
• Deep understanding of cyber risk scenarios for on-prem, SaaS and cloud-based solutions.
• Excellent command of cyber and operations risk management processes, principles, and architectural requirements.
• Demonstrated ability to work collaboratively with cross-functional teams.
• In-depth knowledge of current cybersecurity threats, trends, and best practices.
• Ability to prioritize and work under stringent timelines and lead within a cross-line of business technology organization.
• Keen understanding of national and international laws, regulations, policies, and ethics related to financial industry cybersecurity.

Preferred qualifications, capabilities, and skills

• AI Prompt Engineering
• Expertise in Agile methodologies and ability to work with common frameworks.
• Relevant certifications in cybersecurity or risk management are a plus.
• Experience operating in environments governed under compliance, regulatory, or risk reduction controls.