Join our dynamic team to navigate complex risk landscapes and fortify technology governance, making a pivotal impact in our firm's robust risk strategy.

As a Tech Risk & Controls Senior Associate in Enterprise Technology Cloud Foundational Services, you will contribute to the successful management of technology-aligned aspects of Governance, Risk, and Compliance in line with the firm's standards. Leverage your broad knowledge in risk management principles and practices to assess and monitor risks and implement effective controls. Your role in risk identification, control evaluation, and security governance is crucial in advising on complex situations and enhancing the firm’s risk posture. Through collaboration and analytical skills, you will contribute to the overall success of the Technology Risk & Services team and ensure compliance with regulatory obligations and industry standards.

Job responsibilities

Assess and monitor technology risks, ensuring compliance with firm standards, regulatory requirements, and industry best practicesCollaborate with stakeholders to develop and implement risk mitigation strategies, controls, and action plans for technology-aligned processesMonitor and evaluate the effectiveness of implemented controls, contribute to the recommendations for improvements and addressing gaps in risk managementCommunicate risk-related findings and updates to relevant stakeholders, ensuring alignment with organizational objectives and risk appetite Proactively monitor and evaluate control effectiveness, identify gaps, and recommend enhancements to strengthen risk posture and regulatory complianceSupport team on periodic audit readiness, regulatory assessments, and exam management.Work closely with Azure Engineering and Product Security teams to identify and validate security and controls requirements through testing and evidencing Azure policies.Deliver periodic departmental Key Performance Indicators (KPI) and Key Risk Indicators (KRI) metric tracking and timely reporting, highlighting successes and delivery risk acceptance and risk mitigation strategies.Assess Cloud Security Control Design adherence to the industry standards and local policy and regulations.Facilitate communication between all stakeholders to ensure that work is prioritized appropriately to meet business objectives, managing competing priorities of Cloud Tech Risk and Controls

 

Required qualifications, capabilities, and skills

3+ years of experience or equivalent expertise in technology risk management, information security, or a related field, with a focus on risk identification, assessment, and mitigationExperience in risk identification, assessment, and control evaluation, with a strong understanding of industry standardsDemonstrated ability to analyze complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholdersProficient knowledge of risk management frameworks, regulations, and industry best practices 5+ years in evaluating technology risk and controls managementIntermediate skill level in (Microsoft Excel, PowerPoint, Word, SharePoint, Confluence, and JIRA)Excellent communication skills and team collaboration skills

 

Preferred qualifications, capabilities, and skills

CISM, CRISC, CISSP, or other industry-recognized risk certificationsMicrosoft Azure Fundamentals, AWS Cloud Practitioner or any similar Cloud certification Experience with centralized policy and standard searching tools (CORE, Archer, authentication and authorization tools such as RSAM, ServiceNow, IDAnywhere)Experience with Application, Database and Platform onboarding lifecycle and related evaluation (SEAL, Harmony, Permit-To-X)Ability to build out workflows via (Visio, Lucid)Experience in a large Technology environment