IT Risk and Governance Manager

IT Risk & Governance Manager

Ready to shape how a global business manages its technology risk and governance? Looking for a role where your expertise directly influences how we protect our systems, data, and clients? Join Aon as a Technology Risk & Governance Manager and help turn complex risks into clear, practical action!

This is a virtual role with the flexibility to be based in the US.

At Aon, we shape decisions for the better to protect and enrich the lives of people around the world.

As an organization, we are united through trust as one inclusive, diverse team, and we are passionate about helping our colleagues and clients succeed.

In this role, you’ll be a key partner to Technology, Cybersecurity, Compliance, and the business—helping them make smart, risk‑aware decisions. Your day will blend hands‑on work with policies and controls, reviewing and challenging risks, and turning regulatory and framework requirements into clear, practical actions that protect our systems and data.

• Keep our technology policies, standards, and procedures up to date and easy to understand, working closely with stakeholders across the business.
• Lead regular reviews and approvals of policies and be the go‑to person to explain what they mean in day‑to‑day practice.
• Help design and maintain a clear set of technology controls (such as access management, change management, incident management, data protection, and resilience) that keep our critical systems and data safe.
• Work with Technology and Cybersecurity teams to spot gaps in controls, agree on fixes, and make sure they’re delivered on time.
• Support internal and external audits and control testing, helping respond to questions, and track findings through to closure.
• Maintain and update technology risk registers, making sure key risks are clearly described, assessed, and owned.
• Provide risk input on new projects, technology changes, and third‑party/vendor engagements so teams understand the impacts and can stay within risk appetite.
• Help define and track key risk indicators and metrics that show how our technology risk profile is evolving.
• Stay on top of relevant regulations, industry standards, and best practices, and translate them into practical requirements for our technology teams.
• Prepare clear, concise risk and control updates for senior leaders and governance forums.
• Build strong relationships with stakeholders across Technology, Cybersecurity, Compliance, Internal Audit, and business teams to align on priorities and remediation plans.
• Champion a risk‑aware culture by providing training, guidance, and day‑to‑day support on technology risk, controls, and governance.

As Technology Risk & Governance Manager at Aon, you won’t be on the sidelines—you’ll be a core partner in how we design, run, and protect our technology. You’ll see a direct link between the policies and controls you shape and the resilience of the platforms our colleagues and clients rely on every day. The role offers broad visibility, strong stakeholder engagement, and a mix of strategic thinking and hands‑on delivery—ideal for someone who wants to grow their career in technology risk and governance.

• Technology teams – Partner with application, infrastructure, and delivery teams to embed practical, right‑sized controls into day‑to‑day operations and change.
• Cybersecurity – Work closely with security specialists to align on threats, controls, incidents, and resilience expectations.
• Compliance & Legal – Translate regulatory and policy requirements into clear technology standards and controls.
• Business leaders – Support product, operations, and functional leaders in understanding their technology risk profile and remediation priorities.
• Internal Audit – Coordinate on audits, respond to findings, and drive sustainable remediation.

You’ll have clear ownership and autonomy, backed by supportive risk leadership, subject‑matter experts, and established GRC tools and processes.

• Bachelor’s degree in IT, Information Security, Risk Management, Business or…