Director, Risk Management - Platform Transformation
Listed on 2026-02-18
-
IT/Tech
Cybersecurity, Data Security
At Early Warning, we've powered and protected the U.S. financial system for over thirty years with cutting-edge solutions like Zelle, Paze, and so much more. As a trusted name in payments, we partner with thousands of institutions to increase access to financial services and protect transactions for hundreds of millions of consumers and small businesses.
Positions located in Scottsdale, San Francisco, Chicago, or New York follow a hybrid work model to allow for a more collaborative working environment.
Candidates responding to this posting must independently possess the eligibility to work in the United States, for any employer, at the date of hire. This position is ineligible for employment Visa sponsorship.
OverviewThe Director of Transformation Risk & Technology Controls serves as the first line risk leader embedded within the transformation and modernization programs. Partnering closely with the Head of Transformation Management - Product, Engineering, Data, and Operations leaders, this role is accountable for operationalizing risk management, ensuring regulatory compliance, strengthening control design, and protecting customer outcomes during platform modernization, migrations, and large-scale data movement initiatives.
This leader brings deep experience in cloud platforms, technology controls, data risk, and regulatory expectations, translating enterprise risk requirements into practical, executable controls that enable speed without sacrificing safety.
- Act as the primary first line risk owner for transformation initiatives, accountable for identifying, assessing, and managing risks introduced by platform modernization, cloud adoption, and operating model change.
- Embed risk management directly into transformation planning, execution, and go‑live decisioning, not as a gate, but as an enabler of safe delivery.
- Ensure transformation initiatives align with Early Warning's enterprise risk appetite, technology risk standards, and regulatory obligations.
- Lead risk assessments for new platforms, technologies, and architectural changes, including cloud-native services, third‑party integrations, and distributed systems.
- Assess and oversee control design and effectiveness across:
- Cloud infrastructure and services
- Identity and access management
- Data movement and storage
- Platform resiliency, availability, and failover
- Partner with Engineering and Architecture teams to ensure secure‑by‑design and resilient‑by‑design solutions throughout transformation.
- Conduct and maintain end‑to‑end risk assessments for:
- Platform migrations
- Product modernization
- Data migrations and large‑scale data movement
- Decommissioning of legacy systems
- Support go‑live readiness decisions with documented risk posture, residual risk acceptance, and mitigation status.
- Review and challenge alerting, monitoring, and operational run books for new platforms and technologies to ensure:
- Meaningful detection of failures and anomalies
- Clear escalation paths and ownership
- Alignment with availability, resiliency, and customer impact expectations
- Validate that monitoring controls adequately support regulatory, audit, and operational requirements.
- Ensure transformation initiatives comply with applicable regulations and frameworks, including but not limited to:
- PCI DSS
- SOC 2
- FFIEC
- Data protection and privacy requirements
- Lead risk management activities related to large‑scale data movement, data lineage, and data integrity during transformation.
- Assess risks associated with metadata management, including:
- Data classification and sensitivity
- Lineage and traceability
- Control coverage for metadata repositories and tools
- Ensure data risk considerations are embedded into platform design, migration planning, and analytics enablement.
- Ensure end-to-end testing strategies account for cross-platform dependencies, failure scenarios, and customer impact.
- Validate that control requirements are incorporated into testing plans and that identified gaps are addressed prior to production release.
- Support post-implementation reviews to confirm risk outcomes align with…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).