Sr. Director – Technology Risk Management

At Early Warning, we’ve powered and protected the U.S. financial system for over thirty years with cutting-edge solutions like Zelle®, Paze℠, and so much more. As a trusted name in payments, we partner with thousands of institutions to increase access to financial services and protect transactions for hundreds of millions of consumers and small businesses.

Positions located in Scottsdale, San Francisco, Chicago, or New York follow a hybrid work model to allow for a more collaborative working environment.

Candidates responding to this posting must independently possess the eligibility to work in the United States, for any employer, at the date of hire. This position is ineligible for employment Visa sponsorship.

Overall Summary

The Sr. Director of IT Risk serves as a senior leader within the Second Line of Defense (2LOD), responsible for supporting independent oversight, challenge, and governance of Technology Risk across a heavily regulated FinTech environment and reporting directly to the Vice President of Technology Risk

Essential Functions

• Oversee independent oversight and challenges to the design, implementation, and effectiveness of technology risk management practices across the enterprise.

• The role partners closely with the 1LOD Technology, Security, and Product teams to ensure that business goals and risks are adequately identified, while maintaining objective independence to oversee, assess, and challenge risk management decisions.

• Provide expertise for assessing control gaps and remediation plans; evaluating adequacy, sustainability, and timeliness of corrective actions.

• Collaborate with other risk and business leaders, to drive an end-to-end, holistic view of technology risks, controls and issues that may include non-technology processes and functions necessary to achieve a specific business outcome.

• Work with second line of defense risk functions to understand and monitor applicable requirements and assess business impact to support a consistent approach across Technology for appropriate projects and processes to address needed changes.

• Work closely with technology business leaders and our second line of defense teams 2nd line ORM team to maintain a comprehensive universe of risks, controls and RCSAs that reflect a complete and accurate view of technology risk and is aligned with relevant IT frameworks and internal policies.

• Demonstrated understanding of risk management frameworks (COSO, NIST, ISO 27001), regulatory expectations (FFIEC, OCC, Fed, CFPB), and cloud security principles (AWS/GCP/Azure).

• Manage and Mentor risk specialist to build and operate a high-performing IT Risk team.

• Aggregate risk data across Technology to support reporting and analytics for risk management use by the business (RCSA, issues, vendor, control testing, etc.); ensure comprehensive universe of KRIs to support effective Technology-wide reporting.

• Promote a strong risk culture and effective communication between 1LOD and 2LOD.

• Manages a team that guides the Technology organization in the execution of risk management disciplines.

• Supports materials for risk reporting and updates to senior management, risk committees, and external oversight bodies.

• Provide effective leadership in developing and leading a high-performing team in support of technology risk objectives.

• Support periodic oversight and challenge of risk assessments, including IT general controls, cloud risks, cyber risks, AI/ML risks, data management risks, and operational resilience assessments, and govern the tracking, challenge, and closure of technology and cyber findings and issues.

• Supports the company’s commitment to risk management and protecting the integrity and confidentiality of systems and data.

Minimum Qualifications

• Education and/or experience typically obtained through completion of a bachelor's degree.

• Typically, a minimum of 15 years of progressive risk management experience, preferably within financial services, or other complex, highly regulated environment, using the three lines of defense model.

• Demonstrated success developing and retaining highly engaged, high performing teams and aligning technology business risk organization to meet business objectives.

• Experience operating within a formal three-lines-of-defense (3LOD) model with in-depth understanding of 2LoD accountabilities.

• Strong Information Technology subject matter knowledge.

• Strong understanding of risk assessment techniques, practices. and control frameworks relevant to the financial services industry.

• Excellent collaboration skills and ability to work effectively across the three lines of defense.

• Self-starter with ability and desire to work independently.

• Ability to synthesize and analyze risk data.

• Working knowledge of regulatory requirements related to financial services technology.

• Persuasive communication, organization, and presentation skills, with experience working with C-level executives.

• Effective influence management skills with experience challenging peers and leaders with contrasting views.

• Background and drug screen.

Preferred Qualifications

• Knowledge of COSO’s Internal Control – Integrated Framework, or similar.

• Risk management, internal control, or Certified Regulatory Compliance (CRCM) certification(s).

• Experience documenting business processes and functions.

• Experience with regulatory reporting and regulatory interactions.

Physical Requirements

Working conditions consist of a normal office environment. Work is primarily sedentary and requires extensive use of a computer and involves sitting for periods of approximately four hours. Work may require occasional standing, walking, kneeling and reaching. Must be able to lift 10 pounds occasionally and/or negligible amount of force frequently. Requires visual acuity and dexterity to view, prepare, and manipulate documents and office equipment including personal computers. Requires the ability to communicate with internal and/or external customers and travel.

Employee must be able to perform essential functions and physical requirements of position with or without reasonable accommodation.

The above job description is not intended to be an all-inclusive list of duties and standards of the position. Incumbents will follow instructions and perform other related duties as assigned by their supervisor.

The base pay scale for this position in:
New York, NY/ San Francisco, CA in USD per hour is: $226,000 - $282,000.

Additionally, candidates are eligible for a discretionary incentive plan and benefits.

This pay scale is subject to change and is not necessarily reflective of actual compensation that may be earned, nor a promise of any specific pay for any specific candidate, which is always dependent on legitimate factors considered at the time of job offer. Early Warning Services takes into consideration a variety of factors when determining a competitive salary offer, including, but not limited to, the job scope, market rates and geographic location of a position, candidate’s education, experience, training, and specialized skills or certification(s) in relation to the job requirements and compared with internal equity (peers). The business actively supports and reviews wage equity to ensure that pay decisions are not based on gender, race, national origin, or any other protected classes.

Some of the Ways We Prioritize Your Health and Happiness 

•  Healthcare Coverage – Competitive medical (PPO/HDHP), dental, and vision plans as well as company contributions to your Health Savings Account (HSA) or pre-tax savings through flexible spending accounts (FSA) for commuting, health & dependent care expenses.

• 401(k) Retirement Plan – Featuring a 100% Company Safe Harbor Match on your first 6% deferral immediately upon eligibility.

• Paid Time Off – Flexible Time Off for Exempt (salaried) employees, as well as generous PTO for Non-Exempt (hourly) employees, plus 11 paid company holidays and a paid volunteer day.

• 12 weeks of Paid Parental Leave

• Maven Family Planning – provides support through your Parenting journey including egg freezing, fertility, adoption, surrogacy, pregnancy, postpartum, early pediatrics, and returning to work.

And SO much more! We continue to enhance our program, so be sure to check our Benefits page here for the latest. Our team can share more during the interview process!

Early Warning Services, LLC (“Early Warning”) considers for employment, hires, retains and promotes qualified candidates on the basis of ability, potential, and valid qualifications without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote equal employment opportunity and affirmative action, in accordance with all applicable federal, state, and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our employees. 

Early Warning Services LLC is a proud participant in E-Verify, a federal program to help ensure a legal and authorized workforce. As part of our hiring process, we electronically verify the employment eligibility of all new hires through E-Verify. For more information on your rights and responsibilities under E-Verify please visit Home | E-Verify.