VP of Technology, Risk and Compliance
Description:
Job Description
Job Description: Technology Risk Professional
The Technology Risk function plays a pivotal role in ensuring the firm accurately identifies, measures, and mitigates technology-related risks while assessing the effectiveness of associated controls. We are looking for a highly skilled Technology Risk Professional to join our team and contribute to driving transformation by leveraging technology and enhancing processes.
Key Responsibilities:
Oversee the full lifecycle of risk management, including risks, controls, and remediation efforts.
Cultivate strong relationships with stakeholders across Technology, corporate, and business functions.
Assist in the identification, assessment, management, and reporting of technology risks.
Provide impact and criticality assessments to support informed risk decision-making, adhering to internal and external policies.
Collaborate with Technology stakeholders to define and develop key risk indicators (KRIs) and key performance indicators (KPIs).
Ensure compliance with risk frameworks, identifying areas for improvement or gaps.
Key Areas of Focus:
Risk Management & Framework Oversight:
Support the Head of Information Security and Technology Risk in risk monitoring and control framework oversight.
Manage and enhance risk and control frameworks to ensure alignment with industry standards such as ISO and NIST.
Perform risk assessments, gap analyses, and evaluate the effectiveness of controls while recommending mitigation strategies.
Balance risk management goals with business needs to ensure a pragmatic approach to technology risk.
Technology Risk Monitoring & Reporting:
Lead risk monitoring activities and reporting, including developing risk metrics (KRIs and KPIs) and dashboards for effective communication.
Chair weekly Technology Risk and Audit meetings to monitor progress, resolve issues, and ensure cross-team alignment.
Audit, Remediation & Compliance:
Manage and track internal and external audit requests, ensuring responses are thorough and accurate.
Partner with business units to address technology risks, provide recommendations, and develop solutions for audit findings.
Policy & Process Management:
Continuously refine the firm’s policy framework by reviewing and updating policies, procedures, standards, and guidelines.
Lead and manage annual entitlement reviews, collaborating with department heads to ensure accuracy and compliance.
Incident Response & Operational Risk:
Lead the creation of Operational Risk Incident reports following security incidents, overseeing documentation during and after events.
Work with stakeholders to identify root causes and develop strategies for effective risk mitigation.
Third-Party & Vendor Risk Management:
Manage the technical third-party risk management process, including vendor assessments and ongoing monitoring.
Ensure vendor and third-party relationships are compliant with the firm’s risk management and regulatory standards.
Qualifications: We are seeking highly motivated and results-driven professionals with a proven track record of excellence. Ideal candidates should possess the following:
Bachelor’s degree in Computer Science, Engineering, Information Systems, Policy, or a related field (preferred).
5-7 years of experience in technology risk management.
Deep knowledge of cyber risk frameworks (e.g., ISO 27001, NIST 800-53) and IT governance standards.
Familiarity with regulatory requirements such as SOX and SOC II Type II reports.
Experience with risk management platforms (e.g., RSAM or similar).
Strong expertise in identity and access management, technology, cyber, and regulatory risks.
Familiarity with data privacy regulations and compliance standards.
Exceptional communication, technical writing, and presentation skills.
Strong knowledge of compliance policies (finance background is a plus) and information security best practices.Company Description
The ambition of RennerBrown is to provide the resources and opportunities necessary to attract, train, and retain our associates to ensure they fulfill our quality commitment to our clients. We provide IT solutions in NYC, NJ, Pa and beyond, and valuing quality above quantity will continue to make RennerBrown the premium choice for resources and opportunities: “our people deliver quality to our clients.”
Full-time