A remote role at Empower.
How Sydicom helps: we read this listing’s requirements and tune your CV and cover letter to the keywords its ATS (Workday) is scanning for, for candidates in United States, then help you apply.
Original listing text, shown exactly as published by the company.
•
Support the execution and ongoing enhancement of the Company’s Technology Risk Management Framework, ensuring alignment with the 2nd LOD strategy and overall enterprise risk governance.
•
Conduct targeted technology risk assessments to identify control gaps, assess risks, recommend mitigations, and track remediation through closure.
•
Perform independent reviews of technology controls across IT domains, including security controls, access management, change management, ITSM processes, data protection, and cloud controls.
•
Monitor the organization’s technology risk profile by evaluating emerging risks, industry trends, incidents, and changes to the technology landscape.
•
Support issue management activities, including root cause analysis, remediation planning, and validation of implemented solutions.
•
Review technology-related process and project changes to identify associated risks and provide 2nd LOD risk challenge.
•
Assist with preparing TRM reporting and risk insights for senior management and board risk committees.
•
Build and maintain strong working relationships with the Technology organization, fostering a collaborative risk culture
•
Support ongoing enhancement of the Company’s AI Risk Management Framework, ensuring alignment with applicable regulatory expectations, responsible AI practices, and enterprise risk policies.
•
Maintain the enterprise AI Use Case Inventory, perform 2nd LOD review and challenge of AI models and AI use cases
•
Develop and deliver regular reporting on the AI Governance Program, including AI risk metrics, inventory changes etc.
•
Bachelor’s Degree required.
•
6–10 years of experience in enterprise Technology Risk Governance or Technology audit.
•
Working knowledge of technology risk management frameworks (e.g., ISO 27001/27002, NIST CSF, COBIT, ITIL) and understanding of core IT risk domains such as cybersecurity, data protection, infrastructure, and cloud.
•
Experience conducting risk assessments and control testing.
•
Strong analytical skills, with the ability to evaluate complex technical risks and articulate them clearly to both technical and business audiences.
•
Demonstrated ability to build effective relationships, collaborate with cross-functional teams, and influence stakeholders to drive remediation and strengthen control environments.
•
Excellent written and verbal communication skills, with the ability to prepare clear and concise risk reporting.
•
Ability to manage multiple priorities, operate with a high degree of ownership, and work both independently and collaboratively.
Work Environment & Disclaimer
This job description is not intended to be an exhaustive list of all duties, responsibilities and qualifications of the job. The employer has the right to revise this job description at any time. You will be evaluated in part based on your performance of the responsibilities and/or tasks listed in this job description. You may be required to perform other duties that are not included on this job description. The job description is not a contract for employment, and either you or the employer may terminate employment at any time, for any reason, as per terms and conditions of your employment contract.
Empower
Other
36 open roles on Sydicom
Empower is a prominent financial services company. They provide retirement planning, investment management, and financial advice services to individuals and institutions.
Generated by Sydicom AI
