Tech Risk and Controls Lead - Cloud Foundational Services

Tech Risk & Controls professionals play a critical role in the identification, assessment, oversight, monitoring, and reporting of compliance and operational risk in line with the firm's standards. They are accountable for supporting and advising technology-aligned process owners in managing operational aspects of governance, risk, and compliance. Tech Risk & Controls is also responsible for the design, implementation, and maintenance of controls and risk management frameworks, and they partner with Product Security to ensure design and implemented controls are operating in alignment with firm, regulatory, legal, and industry standards as required. Tech Risk & Controls also partners with a variety of stakeholders, including Product Managers (both business and technology aligned), Business Control Managers, 2nd Line of Defense (2LOD), Audit, Compliance, and regulators to develop and report a comprehensive view of the technology risk posture and the impact on the business. Operating within the Cloud Foundational Services product line, a part of Infra Platforms(IP), you will provide a pivotal role in ensuring our public cloud capabilities are operating safely and securely. As a Vice President in the Technology Risk & Controls team for Public Cloud Platform, acting as the central point of contact for audit clients, you will drive the delivery of internal audit programs and ensure that each assignment is delivered efficiently within set timescales.

Responsibilities:

• Partner with process owners to respond to internal and external audit requests for information
• Understand legal obligations applicable to the product and how the processes and associated controls provide evidence of compliance
• Document and monitor controls environment applicability to the product line to identify existing and emerging control procedure requirements
• Evaluate and document issues related to changes in the risk environment and operational risk priorities
• Drive the end to end engagement with 2nd line of defense during issue validation to discuss risk posture and ensure successful validation outcomes
• Communicate the progress of ongoing Audits and emerging themes with Senior Leadership
• Assess and influence technology risk priorities within the book of work that are aligned to control design in the LOB/product roadmap

Preferred Experience:

• 10+ years in Technology with strong experience in Operational Risk including Tech/Cyber Risk
• Strong experience in various Technology and Cyber domains, for e.g., Architecture, Vulnerability Management, Cloud, etc.
• Risk management expertise in AWS services is a big plus
• Relevant industry certifications are preferable
• Ability to work with data from disparate sources to build a cohesive view on risk
• Strong written and verbal communication skills with ability to effectively communicate and present security risk concepts with business and technology partn.

..