Supports the VP, Technology Risk with comprehensive risk assessments of IT domains such as IT asset management, cryptography and encryption, network infrastructure, cloud security, IT service management, disaster recovery, vulnerabilities, patch and configuration management, AI risks etc.
Leads the implementation of globally aligned Enterprise IT Risk Management framework standards and policies across the organization.
Provides subject matter expertise and technical guidance to technology aligned process owners. Regularly engages with risk owners globally to challenge and validate risk assessments and risk treatment decisions.
Collaborates with the first line teams in the Global Security Office (GSO) and Global Technology to develop and implement of automated risk reporting such as key risk indicators (KRIs), control indicators, and reporting to measure cyber and technology risk posture and highlight areas of concern and deliver executive-level insights to the Board and Senior Management
Supports regional business entities with meeting compliance requirements for regulations such as OSFI, DORA, NYDFS, MAS, etc.
Performs other duties as assigned to support the evolving needs of the organization

Bachelor’s Degree in Arts/Sciences (BA/BS) or equivalent in computer science, information systems, engineering, or a related field.
9+ Years of experience in 1st line cyber and tech technical roles, IT risk management, audit, and risk programs process automation are required
Strong technical competence and in-depth understanding of IT domains, risk frameworks and emerging risks required
Identifies and resolves technical, operational, and organizational problems. required
Guides, influences, and persuades others either internally in other areas or externally with customers or agencies required
Ability to make timely and effective decisions. required
Demonstrates strong analytical skills, attention to detail and accuracy required
Strong software development life cycle skills, specifically business requirements identification and documentation, functional and user test planning and execution, training material content development and delivery, and pre
and post
production planning and coordination. required
Project management skills. Demonstrates ability to evaluate project objectives and scope feasibility, gain understanding, schedule resources, and manage budget to plan. required
Advanced skills in Excel, SharePoint, Power BI and PowerPoint required
CISSP and CRISC certifications required

Director, Technology Risk

Key skills