CTC Product Tech Risk and Controls Director

Join a role that's central to our technological resilience, offering a unique opportunity to shape the firm's tech risk strategy and enhance industry compliance.

As a Tech Risk & Controls Director in the Cyber and Tech Controls line of business, you will play a pivotal role in shaping and implementing the firm's technology risk management strategy.

Leveraging your advanced knowledge and expertise in technology-risk disciplines, you will identify, oversee, and mitigate compliance and operational risks in line with the firm's standards.

You will collaborate with various stakeholders, including Product Owners, Business Control Managers, and regulators, to develop and maintain a comprehensive view of the technology risk posture and its impact on the business.

Your ability to make calculated decisions, manage globally dispersed teams, and drive strategic projects will be crucial in ensuring the firm's adherence to regulatory obligations and industry best practices.

Head of CTC Product Governance, you will manage an organization responsible for risk and compliance oversight for the Cybersecurity Technology & Controls (CTC) product lines focused on ensuring all operational implementations and measures are managed to the firm's risk and compliance requirements and can withstand Compliance, Conduct, and Operational Risk (CCOR), Audit, and regulatory scrutiny.

Duties of the CTC Product Governance team entail partnering with the product lines and centralized operational activities to ensure an accurate articulation of risk, appropriate prioritization of controls in accordance with the firm's Assurance Risk Pillar requirements and risk posture, effective assessment and treatment of controls, timely remediation of findings, and complete responses to Audit, Supervisory, and Regulatory requests for information.

In this role, you will lead compliance with the firm's technology risk management framework.

While doing so, you will maintain alignment with our control obligations and line of business expectations and priorities.

You will be responsible for having a deep understanding of the business, its underlying processes and the technology control environment across several categories such as risk and Identification and Assessment, control design and evaluation, issue management and control governance and reporting.

Job responsibilities


* Perform ongoing monitoring of the technology risk and control environment and identify technology risks which could manifest in the business and technology processes (Risk Impact Rating (Inherent Risk))


* Assess risk to determine whether there are material concerns (Risk Status) and understand issues or concerns that may impact the Residual Risk and provide supporting commentary for control committee reporting and judgmental conclusion for the line of business operational risk assessment


* Perform control-related activities: Assist with designing process controls, including how to measure its effectiveness; ...