Director, LoD Risk and Controls Platform Lead

Director, 1

LoD Risk and Controls Platform Lead

At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting‑edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide.

We’re seeking a future team member for the role of 1

LOD Risk and Controls to join our Data & Analytics team. This role is located in New York, NY.

BNY’s Data & Analytics (D&A) Client Platform powers institutional investors’ middle- and back‑office operations and supports core businesses across Asset Servicing, Fund Accounting, Global Risk Solutions, Middle Office, Baseline Insurance, and boutiques. The platform delivers commercial software and data products with deep domain expertise at the intersection of data management and financial services.

• Provide first line risk and controls support across the D&A platform’s solution portfolio (Data Management, Eagle Accounting, pControl, Eagle Performance). Assist fellow team members as necessary in carrying out firm‑wide third‑party governance framework and resiliency protocols.
• Lead risk identification, assessment, monitoring, and reporting for platform activities—including new business, product launches/modifications, platform modernization initiatives, cloud/microservices migrations, and legacy application centralization into the Data Vault ecosystem.
• Own and maintain D&A first line risk and control frameworks covering data lifecycle management (ingestion, transformation, storage, quality, lineage, access/entitlements, confidentiality/integrity/availability, commercialization/distribution).
• Challenge AI‑enabled capabilities deployed within the platform (e.g., Intelligent Document Processing, Auto Classification, Document Search) to ensure appropriate governance, controls, performance monitoring, explainability/traceability (where applicable), and compliance with internal standards and regulatory expectations.
• Work closely with the Resiliency Lead to oversee operational resiliency controls across production support and service delivery (in partnership with TSG/production support), including incident management, problem management, change and release controls, BCP/DR, capacity/availability, and issue remediation tracking to closure.
• Serve as a trusted business partner to assist the business in meeting its requirements from other parts of the bank, including compliance risk assessments, control reviews, information security, sourcing, resiliency, etc.
• Design and maintain risk metrics and KRIs/KCIs to quantify exposure and performance (e.g., incident rates, change defects, data quality thresholds, control test results, resiliency metrics, AI model performance controls where relevant). Provide regular dashboards and executive‑ready reporting for governance forums and senior leadership.
• Partner with platform architecture and engineering to assess emerging risks from modernization (microservices decomposition, API exposure, cloud patterns, container orchestration, data vault design), and recommend pragmatic control solutions that balance innovation with safety and soundness.
• Closely collaborate with colleagues in 2
  
  LOD (Risk and Compliance) as well as 3
  
  LOD (Internal Audit).
• Prepare concise executive‑level presentations and materials as required for platform governance forums; articulate platform risk posture, trends, and remediation progress clearly.

• Experience: 10–12 years in risk, controls, operational/technology risk, audit, compliance, or operations within global financial services or professional services, with significant exposure to data platforms, analytics solutions, and/or asset servicing technology and operations. Experience spanning first or second line roles.
• Risk & Regulatory: Strong working knowledge of operational risk frameworks, operational resiliency, change management, incident/problem management, data governance/control frameworks,…