Head of Technology Risk Management

Lead a newly created Technology Risk Management function responsible for providing strategic guidance and insights on risk mitigation, escalation, and business resilience across our Third Party Risk Management (TPRM), IT Escalation, and IT Business Continuity and Disaster Recovery processes. This leader will chair our Technology Governance & Risk Management Steer Co ensuring visibility to potential and accepted risk including recommended actions.

This role ensures the enterprise maintains risk transparency and operational resilience across the technology landscape, reporting regularly to executive leadership.

• Establish process, KPIs and management reporting to govern and proactively manage accepted technology risk.
• Constantly review existing policies and tooling, driving improvements and leverage automation / AI wherever possible.
• Chair the Technology Governance & Risk Management Steer Co.

• Direct the execution of third-party risk management activities, including vendor risk assessments, ongoing monitoring, escalations, and remediation.
• Proactively manage, communicate and escalate issues to senior leadership as needed.
• Review and approval of Risks/Findings, escalating risk recommendations to management as needed.
• Assist the Legal and Procurement teams with periodic updates to the Third-Party Minimum-Security Baseline contract addendum and provide ZTD review and monitoring of controls therein.
• Define and manage TPRM Training and Communication strategy for ZTD and Business.
• Establish KPIs and management reporting, proactively provide insights to accepted risk.
• Proactively optimize the process, tools and support structure with advancements with automation and AI.
• Owns, governs the IT Escalation Management Process, constantly evaluating how to optimize.
• Serves as escalation point for technology risk events and deviations, ensuring incidents are properly recorded, investigated, escalated, and closed.
• Accountable for proactively managing accepted risk and providing management reporting.
• Refines and implements KRIs (Key Risk Indicators) embedded in daily operations.

• Oversee the planning, execution, and escalation of IT disaster recovery and business continuity efforts, ensuring proper business resilience across all divisions.
• Ensures resiliency is built for the IT environment and applications.
• Develops and executes IT resiliency procedures and plans working with ZTD and business as applicable.
• Establish KPIs and management reporting providing view of overall health of ZTD Infrastructure & IT Resiliency (DR).
• Oversee tabletop reviews and recovery testing for Edge Sites.

Act as strategic partner with IT, business units, and leadership to mature risk management capabilities.

• Bachelor’s degree required; advanced degree preferred.
• 8+ years in technology risk management and leadership.
• Hands-on in IT risk frameworks, disaster recovery, and vendor risk.
• Proven leadership in technology risk management, IT disaster recovery, and third-party/vendor risk programs.
• Strong understanding of risk frameworks, incident response, and regulatory requirements.
• Demonstrated leadership in large, complex, multi-divisional global settings.
• Strong communication and broad influence skills; ability to develop strong relationships with internal and external stakeholders.
• Well-developed interpersonal skills that combine both IQ and EQ.
• Strong problem-solving ability with a focus on managing to business outcomes through collaboration with multiple internal and external parties.
• Executive presence and comfort interacting across all levels of the organization including senior leadership.
• Hands on leader with desire to dig into the details, build new practices, work across the organization to build buy-in, but also has the ability to work on strategy and interact with executive level discussions.
• Leads and motivates others, generating commitment and a shared sense of purpose.