CrawlJobs Logo

Director Technology Risk Reporting & Governance

United Kingdom, London · Job Posted July 03, 2026
Apply Position
Job Link Share

Job Responsibility

  • Govern the end-to-end TRC operating model (charter, membership, governance cycle) and ensure timely execution of the annual TRC calendar
  • Lead planning and run the full meeting lifecycle (pre-scrums, material collection, quality checks, timelines, minutes, and action item tracking)
  • Facilitate TRC meetings and drive alignment across stakeholders
  • escalate decisions, risks, and actions as required
  • Coordinate and quality-assure TRC and technology risk materials (content readiness, metrics, narrative clarity) for internal governance bodies and broader enterprise forums (e.g., Board Risk Committee, Executive Risk Committee, Entity Technology Risk Committees, Information Security Risk Committee)
  • Own quarterly TRC reporting deliverables, including Top TRC Risks, TRC-level risk assessments, and risk metrics reporting
  • Support the Technology Risk Champion and Business Risk Manager in executing ERM-required activities (e.g., risk program embedding, risk appetite, enterprise risk assessments, committees/escalation, coordination with 2LoD)
  • Coordinate Corporate Risk Assessment submissions for C1: Operational Resilience, including development of required inputs (risk drivers, trends, mitigations, residual/target ratings, trend status) and updating the risk register (e.g., OpenPages/Archer as applicable)
  • Drive the annual/bi-annual update of Key Mitigation Strategies (Success Factors) for C1: Operational Resilience, including status updates and documented impact to risk ratings
  • Coordinate quarterly Technology Key Business Risks content for ERM risk discussions and Quarterly Operational Reviews, ensuring technology-wide coverage (C1: Operational Resilience and Information Security) and tracking mitigation progress
  • Identify, assess, and socialize emerging risks for enterprise-wide Technology risks
  • ensure emerging risks are appropriately evaluated and proposed for risk register updates
  • Partner with stakeholders to ensure audit and regulatory responses related to technology risk and C1: Operational Resilience are complete, accurate, and delivered on time

Requirements

  • Demonstrated experience min 4 years in risk governance, technology risk management, operational resilience, or related control/risk disciplines within a complex organization
  • Strong program management and governance skills, including running structured cadences, managing dependencies, and driving action-item closure
  • Proven ability to build and quality-assure executive-level risk materials (dashboards, narratives, metrics, and committee packs)
  • Experience partnering with 2LoD teams (e.g., ERM, Compliance, Operational Risk, Information Security) and supporting audit/regulatory engagements
  • Comfortable operating across multiple stakeholders and influencing outcomes without direct authority
  • Clear written and verbal communication skills, with high level attention to detail and an ability to translate complex risk topics into concise messaging for senior audiences

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Director Technology Risk Reporting & Governance

8 matching positions

Director of Technology - Governance, Risk, and Compliance

We are seeking a Director of Technology - Governance, Risk, and Compliance to de...
Location
Location
United States , San Jose
Salary
Salary:
219000.00 - 290000.00 USD / Year
archer.com Logo
Archer Aviation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8 plus years of experience in Technical Governance, Risk, and Compliance, Risk Management, Audit, or Information Security
  • Minimum of 3 years in a director or senior manager role leading a GRC function or compliance program
  • Expert-level understanding of NIST CSF, SP 800-171, and CMMC Level 2 frameworks
  • Hands-on experience managing NIST CSF, 800-171 compliance programs or leading CMMC Level 2 assessments and certification initiatives
  • Strong knowledge of SOX Section 404 requirements, particularly IT General Controls (ITGC)
  • Deep understanding of ITAR and EAR export control regulations
  • Proficiency in risk management methodologies
  • Experience designing and operating control frameworks (ISO 27001, NIST CSF, SOC 2 Type II)
  • Strong communication skills to present complex compliance and risk concepts
  • Demonstrated ability to lead and mentor teams, manage budgets, and drive cross-functional initiatives
Job Responsibility
Job Responsibility
  • Develop and execute a comprehensive Cyber-focused Governance, Risk, and Compliance (GRC) strategy
  • Lead the design and implementation of System Security Plans (SSPs) and Plans of Action and Milestones (POA&Ms)
  • Establish and manage an enterprise-wide risk management program
  • Design and enforce a control framework
  • Conduct or coordinate regular compliance assessments and internal audits
  • Manage relationships with external auditors, assessors, and regulators
  • Develop and maintain comprehensive compliance documentation
  • Lead the design of third-party and vendor risk management processes
  • Drive compliance training and awareness programs across the organization
  • Stay current with emerging regulatory changes
  • Fulltime
Read More
Arrow Right

Executive Director, Governance, Risk and Compliance

Executive Director, Information Security is a leadership role responsible for th...
Location
Location
United States , Los Angeles
Salary
Salary:
270282.00 - 333051.00 USD / Year
amgen.com Logo
Amgen
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate degree & 6 years of information security experience
  • Master’s degree & 10 years of information security experience
  • Bachelor’s degree & 12 years of information security experience
  • 6 years of managerial experience directly managing people and/or leadership experience leading teams, projects, programs or directing the allocation of resources
Job Responsibility
Job Responsibility
  • Set vision and strategy for Amgen’s digital Governance, Risk and Compliance efforts globally
  • Provide oversight and assurance for Amgen’s Information Security program in alignment with ISO 27002:2022
  • Oversee Technology’s Document Management Services (DMS)
  • Work with Quality, Finance and Security leadership to provide oversight and effectively manage GxP, Security and SOX deviations and corrective and preventive actions (CAPAs)
  • Partner with Corporate Audit and the Technology Extended Leadership Team to manage audit responses
  • Oversee Amgen’s Global Records and Information Management operations
  • Work with key stakeholders to improve compliance capabilities (e.g., GxP agile validation and process simplification)
  • Manage and oversee Amgen’s Risk services, including third-party business enablement and Amgen’s digital risk register
  • Deliver timely transparency reports and metrics to key stakeholders and senior business leadership (e.g., Chief Financial Officer, Chief Information Officer, Chief Information Security Officer, Quality leadership, etc.)
  • Maintain outstanding service delivery and collaborate diligently with global functional teams to achieve continuous improvement of governance, risk, and compliance services
What we offer
What we offer
  • Comprehensive employee benefits package, including a Retirement and Savings Plan with generous company contributions, group medical, dental and vision coverage, life and disability insurance, and flexible spending accounts
  • A discretionary annual bonus program, or for field sales representatives, a sales-based incentive plan
  • Stock-based long-term incentives
  • Award-winning time-off plans and bi-annual company-wide shutdowns
  • Flexible work models, including remote work arrangements, where possible
  • Fulltime
Read More
Arrow Right

Director, Technology Platform & Governance

This is a Director of Technology Platform & Governance role responsible for gove...
Location
Location
Canada , Mississauga
Salary
Salary:
160000.00 - 350000.00 USD / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15+ years of experience across multiple technology disciplines, with demonstrated expertise in business, functional, and people management within large-scale, complex organizations
  • Proven ability to lead and govern enterprise-wide technology programs, including defining strategy, managing multi-million dollar budgets, and delivering measurable business outcomes aligned to organizational goals
  • Strong experience in project and program management, encompassing scope definition, resource planning, risk mitigation, feasibility assessments, and cross-functional coordination with senior stakeholders and executives
  • Demonstrated proficiency working with technology platforms and tools including relational databases, SQL, JIRA, Confluence, cloud environments, and AI/ML enablement capabilities
  • Deep expertise in risk and control management, with the ability to assess, escalate, and resolve complex issues while ensuring adherence to regulatory requirements, policies, and ethical standards
  • Exceptional communication and negotiation skills, with a track record of influencing senior and executive leadership across functions and managing expectations with both internal stakeholders and external vendors
  • Demonstrated experience directing subordinate managers and cross-functional teams, including full performance management responsibilities such as hiring, compensation, and disciplinary actions
  • Experience partnering with business analysts, architects, QA engineers, and external vendors to deliver integrated technology solutions that meet business objectives and quality standards
  • Familiarity with agile, waterfall, and hybrid delivery methodologies, with the ability to adapt governance frameworks and project approaches to the complexity and nature of each initiative
  • Bachelor's degree in a relevant field required
Job Responsibility
Job Responsibility
  • Define and implement the overall vision, strategy, and roadmap for program governance, aligning initiative portfolios with organizational strategic goals and ensuring programs contribute to revenue growth, cost reduction, and improved business partner experience
  • Lead end-to-end execution of complex technology programs and projects, maintaining adherence to project plans, quality standards, timelines, and budget constraints, while managing scope changes through structured evaluation and approval processes
  • Develop comprehensive project plans, including feasibility studies, risk assessments, resource allocation, and mitigation strategies, in close collaboration with business stakeholders, architects, quality assurance engineers, and technology partners
  • Manage and communicate program status, risk disposition, and issue resolution to senior management and technology partners in a timely and transparent manner, ensuring executive-level visibility across all active initiatives
  • Collaborate with senior leadership on cross-functional initiatives and identify resolution pathways for issues that fall outside established project boundaries, providing strategic direction and stakeholder engagement support
  • Partner with technology teams on initiatives leveraging relational databases, SQL, reporting tools, JIRA, Confluence, cloud platforms, and AI enablement to drive program delivery excellence
  • Direct and develop a high-performing program team including senior analysts, leads, and project staff — through performance evaluation, compensation recommendations, hiring decisions, and disciplinary actions
  • Drive adherence to program processes, procedures, methods, and organizational standards
  • coordinate with external vendors
  • and research new methodologies to improve execution and delivery outcomes
  • Fulltime
Read More
Arrow Right

Director – TAD (Technology Application Development) Risk Standard Owner

This is a unique opportunity to influence the standards that govern software del...
Location
Location
United Kingdom , Knutsford; London
Salary
Salary:
Not provided
barclays.co.uk Logo
Barclays
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in owning and managing Risk Controls Standards for a number of years, with expertise in continuously evolving them to meet innovation and upcoming regulatory requirements
  • Strong understanding of technology risk, operational resilience, governance and regulatory expectations within complex technology environments
  • Proven experience managing audit findings, risk issues, control weaknesses and remediation programmes, with a strong focus on root-cause resolution and sustainable control improvement
  • Deep understanding of software engineering, application development, technology governance, technology risk management or SDLC controls within a large and complex organisation
  • Deep understanding of how modern software is developed, tested, deployed and operated, with practical experience across development methodologies, release management and production support
  • Ability to bridge the gap between engineers, architects, risk professionals and senior executives, translating technical complexity into practical business outcomes
  • A passion for simplification, innovation and continuous improvement, with an interest in leveraging automation and Artificial Intelligence to modernise governance and improve technology delivery
Job Responsibility
Job Responsibility
  • Own and continuously evolve the Technology Application Development (TAD) Risk Standard, ensuring it remains fit-for-purpose, reflects industry best practice, regulatory and 2nd/3rd Line of Defence requirements and supports safe, efficient and scalable delivery across the software development lifecycle
  • Provide governance and oversight across the end-to-end software delivery lifecycle, ensuring that appropriate controls are embedded and effective in the SDLC and release management activities across the Bank
  • Drive effective management of technology risk, ensuring the standard appropriately addresses operational, security, architecture, resilience, compliance and delivery risks whilst remaining practical and efficient for engineering teams to adopt
  • Lead the identification, assessment and remediation of issues arising from audits, risk reviews, control assessments, incidents and operational events, ensuring root causes are correctly identified, assigned to the controls in the Standard if appropriate and addressed with sustainable improvements
  • Partner with engineering, architecture, cybersecurity, cloud, infrastructure, resilience and risk teams to ensure the TAD Standard aligns with the wider Barclays technology control framework and supports a consistent approach to technology governance
  • Use data, insights and performance metrics to measure adoption and effectiveness, ensuring that Standard metrics are correctly reported, identifying opportunities to simplify processes, reduce delivery friction and improve technology outcomes across the organisation
  • Champion operational excellence and continuous improvement, driving improvements in release quality, production stability, development practices and control effectiveness, by establishing tight relationships with the Business teams and ensure their adherence to the controls in the Standard
  • Help shape the future of software delivery at Barclays, promoting modern engineering practices, automation, DevSecOps approaches and the responsible adoption of Artificial Intelligence to improve both developer experience and governance effectiveness
  • Act as a trusted advisor to senior technology and business stakeholders, influencing decision-making, driving adoption of standards and fostering a culture of accountability, quality and continuous learning
  • Operate at the forefront of Barclays' technology transformation agenda, helping define how future development practices, engineering platforms, automation capabilities and AI-enabled solutions can be introduced safely and responsibly within a highly regulated environment
  • Fulltime
Read More
Arrow Right

Technology Risk Internal Audit Cloud Associate Director

Lead and oversee our team’s Cloud assurance service line, providing our clients ...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
grantthornton.co.uk Logo
Grant Thornton UK LLP
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Professional qualification (CISA, CCAK, CCSK, CCSP etc.) with post qualification experience
  • Confident managing a large portfolio of internal audit and Technology Risk clients
  • Experience of scoping and delivering technology internal audits and Technology Risk engagements (ie first / second line assurance activities), and developing reports and presenting conclusions to relevant senior stakeholders
  • Experience of managing internal audits of large companies in addition to dealing with complex technical matters, in particular areas related to the configuration, resilience, and security of Cloud platforms and solutions (inc IaaS, PaaS, and SaaS)
  • Strong experience of a range of cloud governance, technical configuration, and cloud specific topics such as security, data protection/privacy, availability, resilience, disaster recovery, performance, cost management, third-party management, and change management
  • Experience of auditing public (such as AWS, Azure and Google Cloud) and/or private (such as VMWare) cloud platforms
  • Knowledge and familiarity with the Cloud Security Alliance Cloud Controls Matrix, cloud vendor Well Architected frameworks and Agile methodologies
  • Ideally a good track record of performing IT audits over DevSecOps / CICD pipelines, including release management, source code management, testing, security, use of tools and automation
  • Experience of delivering a technology audit / technology risk covering a broad range of areas, including cyber and network security, IT resilience, IT transformations, IT strategies, data protection, supplier management, and other
  • Extensive experience of using audit software and Microsoft packages
Job Responsibility
Job Responsibility
  • Take ownership and lead on allocated assignments and client accounts
  • Be responsible for overseeing the delivery of a number of technology internal audit / technology risk engagements and manage portfolio of technology audit / technology risk engagement and relationships with clients
  • Support and lead business development activities, winning new clients and upselling services to existing clients
  • Lead on planning conversations with clients, and in the preparation of draft terms of reference/audit planning documents
  • Providing subject matter expert input into technology audit / technology risk engagements and overseeing fieldwork performed by more junior team members
  • Oversee, and review the work of, junior members of the team, supporting development and ensuring quality in the work performed
  • Hold close-out meetings with clients to ensure that they have a full understanding of issues identified and these are agreed, and write reports summarising the key observations from the work performed
  • Presenting reports and findings at Audit Committees and other senior management committees
  • Support in the development of new technology audit / technology risk service lines and initiatives within BRS, with a focus (but not exclusively) on Cloud assurance
  • Assist with the financial management of client relationships, including monitoring WIP, raising invoices, ensuring an adequate margin is achieved on engagements, and preparing budgets
What we offer
What we offer
  • Flexible working
  • Reduced hours and job shares considered
  • Support to balance work and life
  • Inclusive culture
  • Real opportunity
  • Work life balance
  • Freedom to bring your whole self to work
  • Pursue your passions inside and outside of work
  • Secondments
  • Fundraising for local charities
Read More
Arrow Right

Director, Risk & Compliance Management

Parexel is in the business of improving the world’s health. We do this by provid...
Location
Location
United Kingdom
Salary
Salary:
Not provided
parexel.com Logo
Parexel
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Business, Technology, Quality, Engineering, Life Sciences or related discipline required
  • Master's Degree in Business, Technology, Quality or related discipline preferred
  • Relevant certifications such as PMP, ITIL, Lean Six Sigma, COBIT, ISO, SAFe or equivalent preferred
  • Proven leadership capability with experience building, developing and leading high-performing teams across complex, global and regulated environments
  • Deep expertise in governance, QMS, SOP management, compliance, operational process management and risk-based quality oversight
  • Strong understanding of SDLC governance, Agile, DevOps, cloud, SaaS and modern technology delivery models within regulated or GxP environments
  • Demonstrated ability to lead vendor governance, supplier oversight, third-party risk management and enterprise transformation or governance maturity initiatives
  • Excellent stakeholder management, executive communication, strategic thinking and problem-solving skills, with the ability to balance compliance, innovation and operational efficiency
  • Advanced level relevant experience in IT governance, compliance, process excellence, operational risk management or related disciplines, including significant experience within global organisations
  • Strong leadership and people management experience, including leading governance, operational excellence, compliance or transformation functions in complex matrix environments
Job Responsibility
Job Responsibility
  • Supporting the Executive Director in leading enterprise wide quality compliance, governance, operational process excellence, vendor governance and risk management functions across Parexel’s global Data & Technology (D&T) organisation
  • Providing strategic and operational oversight for governance frameworks, Quality Management System (QMS) alignment, SDLC governance, supplier oversight, risk management and compliance by design practices supporting regulated and non-regulated technology environments
  • Serving as a senior leader responsible for strengthening operational discipline, inspection readiness, regulatory confidence and enterprise governance maturity while enabling modern, scalable and agile technology delivery
  • Support enterprise audit, regulatory inspection readiness, inspection coordination, audit responses and remediation activities
  • Own and continuously improve QMS processes, SOP governance, controlled document lifecycle management and associated standards, templates and work instructions
  • Support enterprise SDLC governance, change management, release management and operational control processes across the technology lifecycle
  • Drive standardisation, harmonisation, process simplification and compliance by design across governance and delivery processes
  • Lead vendor qualification, governance, oversight and risk management for suppliers, cloud providers, strategic technology partners and outsourced delivery teams
  • Define and maintain supplier governance strategies, technical agreements, service expectations, performance monitoring and risk frameworks aligned to regulatory and operational expectations
  • Develop, maintain and continuously improve D&T quality and operational risk frameworks, including criteria, tolerance, appetite, dashboards and executive-level reporting
What we offer
What we offer
  • competitive base salary
  • car allowance
  • bonus
  • holiday
  • other leading benefits
  • Fulltime
Read More
Arrow Right

Director, Technology

Lead the design, development, and performance optimization of Oracle-based syste...
Location
Location
United States , St Petersburg, Florida
Salary
Salary:
250000.00 USD / Year
raymondjames.com Logo
Raymond James
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, MIS, Business Administration, or related
  • Five (5) years of development, engineering, or related experience
  • Oracle SQL and PL/SQL including analytics and windowing functions, dynamic SQL, table functions, and set operations
  • Oracle SQL performance tuning using profiling tools, optimizer hints, query refactoring, table partitioning, and index design (including index-organized tables)
  • Design and delivery of OLTP, OLAP, data mart, and data warehouse environments
  • Trade lifecycle, tax lot accounting, cost basis processing, and performance attribution systems
  • Data integration across enterprise and legacy platforms
  • ETL development and financial data transformation
  • Oracle APEX for low-code internal solution delivery
  • Control-M or comparable enterprise job scheduling tool
Job Responsibility
Job Responsibility
  • Lead the design, development, and performance optimization of Oracle-based systems supporting asset management operations including portfolio accounting, performance reporting, and trade lifecycle automation
  • Own end-to-end delivery for enterprise applications across Oracle environments, from requirement gathering through development, testing, deployment, and support
  • Apply advanced Oracle SQL and PL/SQL techniques
  • Lead performance tuning using Oracle profiling tools, optimizer hints, query refactoring, table partitioning, and advanced index strategies
  • Architect and maintain OLTP, OLAP, data mart, and data warehouse solutions tailored to financial services and investment operations needs
  • Design solutions for full trade lifecycle, including reference data mastering, tax lot accounting, cost basis processing, and performance measurement
  • Oversee development of ETL pipelines and data transformation processes, bridging legacy and enterprise platforms
  • Prototype and deliver internal tools and applications using Oracle APEX
  • Provide senior-level production support, leading root cause analysis and incident resolution for high-availability systems
  • Interact with business leaders and technical teams to develop detailed requirements and propose technical solutions to address process deficiencies and pain points
  • Fulltime
Read More
Arrow Right

Manager, IT Governance, Risk & Compliance

Reporting to the Director, IT Governance, Risk & Compliance, the GRC Manager is ...
Location
Location
Canada , Toronto
Salary
Salary:
85000.00 - 125000.00 CAD / Year
fourseasons.com Logo
Four Seasons
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree or equivalent business qualifications
  • Minimum 5 years of experience with PCI standard and GRC methodologies
  • Information Security Certification or Accreditation is an asset
  • Professional security management certifications are highly preferred (ie. CISSP, CRISC)
  • PCI Compliance: Strong understanding of PCI DSS requirements and the use of compliance tools to support adherence to the standards
  • Reporting & Analytics: Proficient in reporting tools for creating dashboards, analyzing program data, and generating compliance and risk reports that support leadership decision‑making
  • IT Governance: Strong knowledge of governance frameworks such as COBIT and ISO 27001, applying these structures to strengthen compliance and manage risks effectively
  • Ticketing & ITIL: Proficient in ITIL‑based ticketing systems such as ServiceNow to manage incidents, problems, and changes, ensuring smooth service delivery and timely issue resolution
  • Risk Management: Comprehensive understanding of IT and cybersecurity risk practices, including identifying and evaluating risks and supporting remediation efforts
  • Change Management: Experienced in managing and reviewing IT change requests to assess compliance and risk impact, ensuring proper approvals, documentation, and alignment with internal change governance processes
Job Responsibility
Job Responsibility
  • Lead the Corporate Office PCI compliance Program, including: Define, collect, and conduct internal reviews for the Corporate Quarterly PCI compliance cycles
  • Lead the planning, evidence collection, and internal review processes for the Corporate Annual PCI assessment
  • Scheduling and participating in all audit-related meetings to ensure consistent communication between teams and the QSA
  • Overseeing remediation of audit findings and tracking progress to closure
  • Work closely with the QSA to ensure the successful annual renewal of the company’s AoC (Attestation of Compliance) and RoC (Report of Compliance) as a Level 1 service provider
  • Facilitating the Corporate annual tabletop major incident response exercise with Corporate TID teams
  • Maintain and update the company’s IT policies, standards, and procedures
  • develop new documentation and RACI matrices
  • communicate changes to relevant stakeholders
  • conduct reviews as required
  • Fulltime
Read More
Arrow Right