DescriptionJoin our team to play a pivotal role in mitigating tech risks and upholding operational excellence, driving innovation in risk management.
As a Tech Risk & Controls Manager in Corporate Technology Identity & Access Management team, you will be responsible for identifying, and mitigating compliance and operational risks in line with the firm's standards. You'll be at the forefront at keeping us compliant with cybersecurity requirements while enabling the implementation of the Firm's strategic vision. Key responsibilities include managing Roles Based Access (RBAC) for the Corporate Functions, in addition to ensuring strategic solutions are implemented to manage risk within tolerance. This role will be responsible for building relationships and communicating with internal teams while driving compliance. We are looking for an individual with strong analytic and collaborative skills who has the ability to manage multiple levels of responsibility and is comfortable leading a small team.
Job responsibilities
- Ensure effective identification, quantification, communication, and management of technology risk, focusing on root cause analysis and resolution recommendations
- Become the subject matter expert for Role-Based Access (RBAC) for Corporate business functions, driving strategy and adoption
- Analyze access configuration and entitlement data to prepare reports for internal customers, often in collaboration with development teams for reporting automation
- Be the primary contact for Role Based Access to interact with stakeholders in the Risk Management & Compliance organization, and be able to clearly communicate status updates and road-showing the product
- Represent the needs of Corporate Technology and the Corporate Functions as a customer to the relevant Product teams
- Interact with Technology Leadership, Line of Business (LOB) experts, and Application Development teams on an on-going basis for business as usual remediation activities, Audit and other risk-related activities, reporting and project initiatives
- Develop and maintain robust relationships, becoming a trusted partner with LOB technologists, assessments teams, and data officers to facilitate cross-functional collaboration and progress toward shared goals
- Execute reporting and governance of controls, policies, issue management, and measurements, offering senior management insights into control effectiveness and inform governance work
- Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory compliance
Required qualifications, capabilities, and skills
- 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation
- Experience in Identity and Access Management and/or Technology Risk Management
- Self-motivated and confident with the ability to demonstrate leadership, challenging and influencing change
- Excellent verbal and written skills are critical since this job primarily entails abstracting and communicating technical information to non-technical audiences and their leadership
- Familiarity with risk management frameworks, industry standards, and financial industry regulatory requirements
- Proficient knowledge and expertise in data security, risk assessment & reporting, control evaluation, design, and governance, with a proven record of implementing effective risk mitigation strategies
- Demonstrated ability to influence executive-level strategic decision-making and translating technology insights into business strategies for senior executives
Preferred qualifications, capabilities, and skills
- CISM, CRISC, CISSP, or similar industry-recognized risk and risk certifications are preferred
- Strong understanding of platform, database and domain access
- Knowledge of data transformation/automation tools (Alteryx, Xceptor, etc.)
- Experience with SailPoint Products