About the role

Director of Technology Risk Partner managing identification and mitigation of technology risks at Prudential. Ensuring compliance with industry standards and fostering a proactive risk management culture.

Responsibilities

Identify and assess technology-related risks including (but not limited to) Identity and Access Management, Vulnerability Management, Resilience, etc. to ensure the organization's risk profile is accurately captured
Develop and implement risk mitigation strategies and controls to address identified technology risks, ensuring the organization's risk appetite and tolerance levels are maintained
Work with control partners and the business to ensure compliance with relevant regulatory requirements and industry standards, such as NIST, ISO 27001, and COBIT, by staying current on changes and advising the organization accordingly
Conduct and review RCSAs to evaluate the effectiveness of existing controls and processes and identify areas for improvement
Oversee the management and remediation of technology-related issues, ensuring timely resolution, escalation, and effective communication with stakeholders
Prepare and present risk reports to senior management and governance forums, clearly communicating the organization's risk posture and mitigation plans
Collaborate with cross-functional teams and key stakeholders to ensure alignment on risk management strategies and initiatives
Continuously monitor and improve the organization's technology risk management framework, incorporating best practices and lessons learned from past incidents. This also includes monitoring emerging technology risks to help prepare Prudential for the future.

At least 10 years of progressive experience in operational risk management, internal audit, or compliance within the financial services industry focused on information technology
Familiarity with regulatory requirements and risk management frameworks such as NIST, ISO 27001, and DORA
Demonstrated ability to lead and collaborate with cross-functional teams, providing guidance and support on technology risk management initiatives
Expertise in analyzing and interpreting risk data, conducting risk assessments, and developing risk mitigation strategies
Proficiency in conducting RCSAs or process-level assessments, managing and driving remediation of issues, developing key risk indicators, and monitoring risk appetite and tolerance
Ability to prepare and present risk reports to senior management and governance forums, ensuring clear communication of risk posture and mitigation plans
Certifications are a plus: CRISC, CISSP, or SANS certifications.

Medical, dental, vision, life insurance, disability insurance
Paid Time Off (PTO), and leave of absences, such as parental and military leave
401(k) plan with company match (up to 4%)
Company-funded pension plan
Wellness Programs including up to $1,600 a year for reimbursement of items purchased to support personal wellbeing needs
Work/Life Resources to help support topics such as parenting, housing, senior care, finances, pets, legal matters, education, emotional and mental health, and career development
Education Benefit to help finance traditional college enrollment toward obtaining an approved degree and many accredited certificate programs
Employee Stock Purchase Plan: Shares can be purchased at 85% of the lower of two prices (Beginning or End of the purchase period), after one year of service
Eligibility to participate in a discretionary annual incentive program is subject to the rules governing the program, whereby an award, if any, depends on various factors including, without limitation, individual and organizational performance.