Director, Technology Risk & Control

Organizational Context:

The Production Management organization requires a highly qualified leader who can bring technical competencies as well as leadership to matters regarding Technology Resilience practices across the Enterprise.

This role will lead the Technology Resilience team to ensure compliance with U.S. and Global Regulations regarding Disaster Recovery and Operational Resilience. This role will interface with all Enterprise partners across the three lines of defense including Risk Management (GRC), Control Management and Operational Excellence, Audits, as well as Domestic and International regulators.

The successful candidate will interface with colleagues around the company and around the globe in all functions.

Key Responsibilities:

• Oversees and mentors a team of Technology Resilience colleagues, enabling a culture of continuous learning, growth opportunities, and inclusivity for individuals and teams through mentoring, feedback, and metrics, and ensuring adherence to best practices and standards
• Provides direct leadership and coaching to teams, supporting training and development of best practices
• Transform direct team and fellow technologists to a mindset of resilience. Leveraging Operational Resilience practices, ensure that relevant third parties are reviewed for adherence to the regulations.
• Manages resource allocation, project timeline, and budget for projects, ensuring alignment with organizational goals
• Ensure that all areas of Technology are delivering on the standards set forth by the Business Disruption policy and associated standards.
• Partners with second- and third-lines of defense to ensure all applicable regulations are being met.
• Provides leadership and strategic direction to the Technology Risk & Control function, aligning with the organization's mission, vision, and business objectives
• Conducts comprehensive risk assessments, ensuring thorough evaluation of risks and accurate, actionable reporting to executive leadership
• Develops and implements risk mitigation strategies to protect the organization's technology infrastructure and support long-term business strategies
• Directs and oversees the identification and evaluation of controls and adherence to controls, ensuring comprehensive risk management across the organization
• Oversees the enhancement and implementation of risk management frameworks and documentation, ensuring standardization and consistent application across the organization
• Guides training and development programs to enhance the skills and knowledge of the Technology Risk & Control team, ensuring continuous professional growth and effective risk management
• Collaborates and co-creates effectively with teams in product and the business to align technology initiatives with business objectives

Education and Knowledge:

• Bachelor's Degree in Computer Science, Information Systems, Cybersecurity, and/or comparable experience; advanced degree or professional certification preferred
• Advanced knowledge of global technology standards and applicable regulations
• Expertise in enterprise risk management with an emphasis on operational risk management and technology risk
• Expertise in Operational Resilience, Business Continuity Management and Technology Resilience / Disaster Recovery principles

Work Experience:

• Experience in technology risk & control and information security
• Experience in Operational Resilience, Business Continuity Management and Technology Resilience / Disaster Recovery
• Experience in third-party risk management
• Experience in processing regulatory requirements and compliance standards in the technology sector
• Experience with Business Continuity / Disaster Recovery tools such as ServiceNow, Archer, MetricStream, Fusion
• Experience working with auditors and/or regulatory examiners