Tech Risk & Controls Lead - Product Assessments

Join our team to play a pivotal role in mitigating tech risks and upholding operational excellence, driving innovation in risk management.

As a Tech Risk & Controls Lead - Product Assessments in Cybersecurity Technology & Controls, you will be responsible for evaluating product delivery, quality, and integrity across a range of technology control assessment products (including SOX, SOC, PCI, FedRAMP, and other regulatory frameworks).

This function is designed to mitigate risks, drive continuous improvement, and enhance stakeholder confidence in the assessment process.

You will also provide subject matter expertise and technical guidance to technology-aligned process owners, ensuring that implemented controls are operating effectively and in compliance with regulatory, legal, and industry standards.

By partnering with various stakeholders, including Product Owners, Business Control Managers, and Regulators, you will contribute to the reporting of a comprehensive view of technology risk posture and its impact on the business.

Your advanced knowledge of risk management principles, practices, and theories will enable you to drive innovative solutions and effectively manage a diverse team in a dynamic and evolving risk landscape.

Job responsibilities


* Lead and execute product assessment reviews across the full lifecycle (planning, design, execution, reporting), ensuring accuracy, reliability, consistency, and compliance throughout all phases.


* Operate independently to document product assessment results with clear findings, improvement opportunities, and remediation actions.


* Communicate product assessment program status, key findings, and improvement opportunities to senior management and governance committees.


* Identify, manage, and mitigate delivery risks, proactively addressing potential roadblocks and implementing contingency plans to maintain program momentum.


* Foster a culture of continuous improvement and operational excellence, providing training and driving innovation in methodologies and processes.


* Review assessments and reports to validate they are completed on schedule, based on verified data, and address relevant regulatory requirements, risks, and controls.


* Ensure methodological rigor, consistent application of standards, and thorough review and validation of deliverables.


* Evaluate ongoing improvements to processes and tools, and verify that team members are well-trained and knowledgeable about current regulations and assessment practices.


* Ensure assessments are objective, transparent, and ethically conducted, maintaining confidentiality and data privacy, and compliance with all relevant laws, regulations, and internal policies.

Required qualifications, capabilities, and skills


* Obtain 5+ years of experience or equivalent expertise in technology risk management, information security, or related field, emphasizing risk identification, assessment, and mitigation within ...