Tech Risk and Controls Director

Role Summary

Employee Platforms powers the technology and services that enable great employee e x periences at scale across the firm.

As E x ecutive Director of Risk & Controls for Workforce & E x perience Technology (W X T) & EP CTO, you will lead the first-line risk and control agenda, partner with the business in framing / managing business risk and drive technology risk strategy as part of the EP CTO workstreams.

You will own risk identification, control design and effectiveness, RCSA e x ecution, issue management, and regulatory/audit engagement in close partnership with engineering and product leaders, ensuring resilient, secure, and compliant platforms that support hundreds of thousands of colleagues globally.

Key Responsibilities


* First-line ownership of risk and control posture for W X T, aligning control objectives with EP strategy and platform roadmaps and embedding controls into platform architectures and operating procedures.


* Lead the full control lifecycle: design, implementation, monitoring, attestation, and continuous improvement, ensuring control effectiveness and sustainability.


* Establish, track, and report KRIs/KPIs and control health metrics; deliver transparent, data-driven dashboards and narratives for senior stakeholders and governance forums.


* Govern issue management and remediation: ensure timely, high-quality corrective actions with root-cause analysis, evidence, and durability testing; oversee closures and validation.


* Key trusted partner for the business in evaluating business objectives and corresponding risks, with the ability to frame and translate them into action plans and strategies that drive outcomes.

This includes owning and participating in business routines


* Partner with architecture, engineering and product to integrate and codify control requirements into technical standards, preferences, configuration baselines, CI/CD pipelines, and change management processes.

This will be key in the world of agentic and agents


* Coordinate internal and e x ternal audit/e x am readiness, walkthroughs, evidence management, and responses; maintain strong control narratives and documentation.


* Lead policy and standards adherence, e x ception governance, and e x ecution of firm control procedures; align with central frameworks while tailoring to W X T realities.


* Build and lead a high-performing control management team; develop talent, define operating model, and strengthen risk culture across EP.


* Collaborate across EP, CTC, Cybersecurity, Technology Operations, and Lines of Business to harmonize control approaches and share best practices; influence senior leaders on risk tradeoffs and investments.


* Anticipate emerging risks (e.g., endpoint security, identity lifecycle, SaaS governance, vendor/third-party, AI/automation), and drive proactive controls and resilience measures.

Required Qualifications


* 12+ years of progressive leadership in first-l...