Head of Risk Management – Regulatory Compliance

Role Overview

• Lead the enterprise-aligned Risk & Regulatory Compliance function across Cyber, AI, Data, Technology and Resilience domains
• Establish a unified risk taxonomy, risk assessment methodology, compliance gap assessment process and reporting structure that integrates with Enterprise Risk Management (ERM) and Compliance
• Serve as a trusted advisor on emerging risks, regulatory expectations, and strategic implications
• Ensure risk and compliance decisions follow defined governance pathways with clear ownership, escalation and documentation
• Maintain alignment with internal policies, external regulations, and industry frameworks
• Oversee regulatory compliance obligations related to cybersecurity, data protection, AI governance, operational resilience, cloud and technology operations
• Maintain a regulatory inventory and ensure traceability from requirements to controls, testing and evidence
• Partner with Legal, Compliance, ERM and Audit to ensure readiness for examinations, attestations, certifications and regulatory inquiries
• In partnership with Compliance, monitor regulatory developments and translate them into actionable requirements, controls and implementation plans
• Oversee risk assessments across ETX-owned risk domains, including AI, cyber, data quality/privacy, operational technology and resilience risks
• Implement quantitative and qualitative risk measurement approaches to support prioritization and investment decisions
• Partner with ETX teams to ensure controls are well-designed, tested and continuously improved
• Oversee remediation tracking and ensure timely closure of issues
• Monitor emerging technologies and evolving threat landscapes to anticipate new risk and compliance requirements
• In partnership with Head of Enterprise Resilience, oversee risk and compliance assessments related to business continuity, disaster recovery, incident response, and operational resilience
• Ensure resilience metrics, testing, and scenario exercises are integrated into the broader risk and compliance program
• Deliver clear, concise and actionable reporting to ETX leadership and other key stakeholders
• Translate technical risk and compliance insights into business-relevant narratives and recommendations
• Maintain, KRIs, KPIs, dashboards and heatmaps that reflect real-time risk and compliance posture
• Lead, mentor and develop a high-performing team of risk professionals across Cyber, AI, Data, Technology, Resilience and Regulatory Compliance domains
• Foster a culture of accountability, curiosity and continuous improvement
• Build a strong cross-functional partnership to strengthen risk and compliance awareness and ownership

Requirements

• Proven leadership experience managing multi-disciplinary risk and compliance teams
• Deep understanding of technology architectures and operations, cloud environments, data ecosystems and AI/ML systems
• Strong knowledge of regulatory and industry frameworks (NIST CSF, COBIT, privacy and cybersecurity regulations, AI governance standards, operational resilience requirements)
• 10+ years of experience in Technology Risk, Cybersecurity, Regulatory Compliance or related fields
• Exceptional communication skills with the ability to influence senior leaders and simplify complex topics
• Demonstrated ability to design and operationalize risk and compliance frameworks at scale
• Bachelor’s or master’s degree in computer science or related field
• Must be able to work in the US without sponsorship

Tech Stack

• Cloud
• Cyber Security

Benefits

• Access to learning content on Degreed and other informational platforms
• Focused one-on-one meetings with your manager
• Networking opportunities including access to Asian, Hispanic/Latinx, African American, women, LGBTQIA+, veteran and disability-focused Business Resource Groups
• Your ethics and integrity will be valued by a company with a strong and stable ethical business with industry leading pay and benefits