Specialist in insurance operations at BV, a leading private bank in Brazil. Strategic involvement in product evolution and risk governance.
About the role
- Technology Risk Leader overseeing enterprise-wide technology risk management at Broadridge. Responsibilities include risk assessments, IT audits, AI model risk governance, and M&A due diligence.
Responsibilities
- Develop and lead the technology risk program, including risk assessments, risk appetite alignment, and remediation tracking.
- Manage internal and external IT audits covering applications, infrastructure, access controls, change management, and vendor risk.
- Establish and maintain model governance frameworks, ensuring model validation, monitoring, explainability, and fairness consistent with emerging regulatory expectations.
- Interpret guidelines (FFIEC, NIST, OCC, and other regulators), translate them into actionable controls, and lead exam preparation and response activities.
- Integrate security controls into development pipelines, conduct threat modeling, and perform secure design reviews throughout the CI/CD lifecycle.
- Define and monitor cloud security posture; lead architecture reviews, identity and access management, encryption, and incident response across multi-cloud and microservices environments.
- Assess and strengthen control environments for mainframe systems, batch processing, and change management.
- Conduct due diligence on security, architecture, and operations; lead post-acquisition integration risk mitigation activities.
- Maintain alignment of control frameworks with NIST CSF/800-53, FFIEC, CIS, and COBIT standards; produce governance metrics and executive dashboards.
- Evaluate vendor security controls, SLAs, and remediation progress for cloud and outsourced services.
- Participate in incident management, lessons-learned reviews, and disaster recovery/business continuity testing.
- Mentor team members and partner closely with security, engineering, legal, and compliance teams to embed a culture of secure design.
Requirements
- 8+ years in technology risk, IT audit, information security, or related functions (financial services experience strongly preferred).
- Proven knowledge of NIST 2.0, FFIEC guidance, CIS Controls, and COBIT frameworks.
- Hands-on understanding of AWS, Azure, and GCP architecture, security services, and shared responsibility models.
- In-depth experience with distributed systems, containers, Kubernetes, and resilient architecture design.
- Proficiency with secure SDLC and DevSecOps practices (SAST, DAST, dependency scanning, CI/CD).
- Exposure to AI/ML risk management, model governance, and related regulatory requirements.
- Familiarity with mainframe environments (e.g., z/OS) and associated control practices.
- Experience conducting technical due diligence and integration planning for M&A.
- Strong IT audit execution and remediation management capabilities.
- Solid grasp of IAM, encryption, monitoring, vulnerability management, and incident response practices.
- Exceptional communication and presentation skills with the ability to translate technical risk for executive audiences.
- Bachelor’s degree in Computer Science, Information Systems, Engineering, or related discipline required; advanced degree preferred.
Benefits
- Please visit www.broadridgebenefits.com for information on our comprehensive benefit offerings.
- All Colorado employees receive paid sick leave in compliance with the Colorado Healthy Families and Workplaces Act and other legally required benefits, as applicable.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Senior Associate, managing credit risk policy lifecycle at Capital One. Collaborating with stakeholders to ensure compliance and enhance risk frameworks.
Senior operational risk advisor at Desjardins developing guidelines and policies to prevent fraudulent transactions. Collaborating with various stakeholders and recommending strategic directions based on extensive knowledge.
Risk Management Consultant focused on identifying, analyzing, and managing risks for organizations in Göteborg. Join TechSeed's Cyber Security team with a strong emphasis on innovation and collaboration.
Internship role at Emerson in Cluj - Napoca, Romania, focused on governance and securities responsibilities. Engaging with a diverse team to drive innovation and foster a collaborative environment.
Risk Control Intern assisting with risk assessment and administrative tasks in commercial insurance operations. Gaining hands - on experience and participating in training programs.
Senior Risk Analyst for Asset Management and Distribution at Bancolombia. Evaluating risks and ensuring compliance with internal policies in Colombia.
Internal Audit Model Risk Manager evaluating the effectiveness of algorithms driving the business at Coinbase. Leading implementation of best - in - class internal audit practices within a global team.
Nurse Navigator coordinating patient care and ensuring timely scheduling at the University of Miami Health System. Serving as a liaison and educating patients throughout their care journey.
Senior Market Risk Specialist at SMUD managing market risk exposures in energy portfolios. Lead quantitative assessments and collaborate with stakeholders for strategic decision - making.