Graduates working in KPMG's audit technology risk team assessing cyber and technology risks. Responsibilities include conducting audits, ensuring compliance, and building relationships with clients.
About the role
- Technology Risk Leader overseeing enterprise-wide technology risk management at Broadridge. Responsibilities include risk assessments, IT audits, AI model risk governance, and M&A due diligence.
Responsibilities
- Develop and lead the technology risk program, including risk assessments, risk appetite alignment, and remediation tracking.
- Manage internal and external IT audits covering applications, infrastructure, access controls, change management, and vendor risk.
- Establish and maintain model governance frameworks, ensuring model validation, monitoring, explainability, and fairness consistent with emerging regulatory expectations.
- Interpret guidelines (FFIEC, NIST, OCC, and other regulators), translate them into actionable controls, and lead exam preparation and response activities.
- Integrate security controls into development pipelines, conduct threat modeling, and perform secure design reviews throughout the CI/CD lifecycle.
- Define and monitor cloud security posture; lead architecture reviews, identity and access management, encryption, and incident response across multi-cloud and microservices environments.
- Assess and strengthen control environments for mainframe systems, batch processing, and change management.
- Conduct due diligence on security, architecture, and operations; lead post-acquisition integration risk mitigation activities.
- Maintain alignment of control frameworks with NIST CSF/800-53, FFIEC, CIS, and COBIT standards; produce governance metrics and executive dashboards.
- Evaluate vendor security controls, SLAs, and remediation progress for cloud and outsourced services.
- Participate in incident management, lessons-learned reviews, and disaster recovery/business continuity testing.
- Mentor team members and partner closely with security, engineering, legal, and compliance teams to embed a culture of secure design.
Requirements
- 8+ years in technology risk, IT audit, information security, or related functions (financial services experience strongly preferred).
- Proven knowledge of NIST 2.0, FFIEC guidance, CIS Controls, and COBIT frameworks.
- Hands-on understanding of AWS, Azure, and GCP architecture, security services, and shared responsibility models.
- In-depth experience with distributed systems, containers, Kubernetes, and resilient architecture design.
- Proficiency with secure SDLC and DevSecOps practices (SAST, DAST, dependency scanning, CI/CD).
- Exposure to AI/ML risk management, model governance, and related regulatory requirements.
- Familiarity with mainframe environments (e.g., z/OS) and associated control practices.
- Experience conducting technical due diligence and integration planning for M&A.
- Strong IT audit execution and remediation management capabilities.
- Solid grasp of IAM, encryption, monitoring, vulnerability management, and incident response practices.
- Exceptional communication and presentation skills with the ability to translate technical risk for executive audiences.
- Bachelor’s degree in Computer Science, Information Systems, Engineering, or related discipline required; advanced degree preferred.
Benefits
- Please visit www.broadridgebenefits.com for information on our comprehensive benefit offerings.
- All Colorado employees receive paid sick leave in compliance with the Colorado Healthy Families and Workplaces Act and other legally required benefits, as applicable.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Director of Enterprise Risk Management leading global risk insights and decision - making strategies at Medtronic. Driving data - driven ERM initiatives and executive - level reporting for healthcare innovation.
Senior Manager driving enterprise risk for Transport for NSW, focusing on risk maturity and culture improvements. Leading a high - performing team and influencing executive decision - making in a complex organization.
Associate in Model Risk Management role within Financial Services Group analyzing financial risks. Support senior members with model validation, risk assessments, and deliver reports.
Senior Supervisory Control Specialist overseeing compliance and supervisory practices within Wealth and Investment Management. Collaborating with business partners to mitigate risks while ensuring adherence to regulations.
Risk Management & Insurance Intern role at Orchid Insurance in Tampa, FL. Participating in a 6 - week summer internship program focused on risk management and insurance fundamentals.
Intern supporting climate risk and exposure analytics at USAA with modeling and data analysis for catastrophe management. Collaborating across teams to address climate impacts and improve resilience strategies.
Senior Operational Risk Officer providing oversight and risk management expertise for KeyCorp's Consumer Bank. Engaging with business units to ensure effective operational risk management practices.
Governance Strategist for ITGC and Identity & Access Management at Truist. Coordinating governance structures and driving risk management initiatives across technology teams.
MB
Customer Complaint Resolution Specialist in the Customer Advocacy team addressing escalated complaints. Conducting investigations, preparing executive - level responses, and advocating for better customer experiences at M&T Bank.