Technology Risk Program Manager
ARCHIVED
We can't find an active application page for this role right now. It may reopen or be listed elsewhere. Use Next Steps to search for an active apply link and similar live jobs.
Dice is the leading career destination for tech experts at every stage of their careers. Our client, Maven Companies, is seeking the following. Apply via Dice today!MOST IMPORTANT: Project Management experience – Able to make sure that we are tracking and ensuring completion of audit issues.Very strong organization skills and attention to detailStrong reporting experienceStrong experience with project planningAbility to plan ahead.Technical know-how is important but don’t need to be an engineer or engineering background. Experience in risk space is helpful because they will be more effective in what the team is trying to accomplish. Onboarding will be easier and faster. Fintech/financial is helpful but not priority. Experience with Jira (not using Service Now)Governance project in the past will be helpful.What You’ll DoOwn the portfolio of technology and security risk issues end-to-end—intake, prioritization, tracking, and remediationMaintain a single source of truth for risk issues, findings, exceptions, and mitigation plans, with clear owners and due datesPrepare and deliver risk reporting for executive leadership, Risk Committees, and the Board, including portfolio health, trends, aging, and key exposuresTranslate technical risk and security findings into concise, decision-ready narratives for non-technical and Board audiencesDrive remediation across engineering, security, and infrastructure teams with clear accountability and timelinesTrack issues, findings, and mitigation plans through resolution, monitoring SLAs, aging, and overdue itemsManage escalations thoughtfully, knowing when to resolve and when to elevate decisionsPartner with InfoSec, Risk, Compliance, and Legal to ensure regulatory, security, and policy requirements are metMaintain strong controls, documentation, and audit readiness across the risk portfolioContinue to manage select data programs end-to-end—owning plans, milestones, dependencies, and embedded risk and security controlsBuild and maintain dashboards and reporting to track issue health, remediation progress, and overall risk postureUse Jira and GRC tooling to monitor issue throughput, aging, and portfolio performanceFacilitate working sessions and risk forums across security, technology, data, and business teamsAct as connective tissue between technical and security teams and business and executive stakeholdersDrive consistent risk and program management practices across the technology organizationAbout You6+ years in technical program management or technology/security risk and issue management within technology, security, or data organizationsStrong understanding of technology and security risk—how issues are identified, assessed, prioritized, tracked, and remediatedWorking knowledge of security infrastructure—identity and access management, network and cloud security, encryption, endpoint, and vulnerability management—and how controls map to riskExperience preparing and presenting executive- and Board-level reporting on risk, security, or program statusProven ability to drive cross-functional remediation in fast-paced, regulated environmentsExperience partnering with second- and third-line Risk, Compliance, audit, and InfoSec teams on reviews and remediationSolid data program management foundation, including data concepts such as pipelines, data quality, lineage, governance, and privacyHands-on experience with Jira and familiarity with GRC tools, including workflows, reporting, and metricsStrong organizational, communication, and stakeholder management skills, with a talent for distilling complexityAbility to operate effectively in a matrixed environment across technology, security, and business teamsBachelor’s degree in Computer Science, Information Systems, Cybersecurity, Business, or related field, or equivalent experienceBonus PointsExperience with Agile, Waterfall, or hybrid delivery modelsFamiliarity with security frameworks such as NIST CSF, ISO 27001, SOC 2, or CIS ControlsHands-on exposure to cloud security (AWS, Azure, or Google Cloud Platform) and infrastructure-as-code conceptsExperience supporting regulatory exams or auditsFamiliarity with GRC tools such as Archer, ServiceNow IRM, or similarFamiliarity with modern data platforms and tools such as Snowflake, Databricks, dbt, or AirflowCISSP, CRISC, PMP, PgMP, or Agile certificationsExperience in fintech or other regulated industries