Director IT and Data Risk Management

#
** Please reference the schedule and minimum qualifications listed below before applying.
** If you need assistance with filling out our application form or during any phase of the application, interview, or employment process, please notify our Human Resources Team at  option 1 or email  and every reasonable effort will be made to accommodate your needs in a timely manner.#
** Job Summary
** The Director of IT and Data Risk Management provides second line of defense oversight for technology and data-related risk domains. Reporting to the VP of IT, Cyber, and Data Risk Management, this role is responsible for maturing the credit union’s IT risk governance practices and building a scalable, sustainable second line data risk and governance program from the ground up.

This leader ensures alignment with the enterprise risk framework, regulatory guidance, and business objectives while helping to embed technology and data risk awareness into enterprise decision-making.#
** Job Description
**** LOCATION
* * Mountain America Center - Hybrid:9800 S Monroe St  Sandy, UT 84070
** SCHEDULE
* * Full Time To be effective, an individual must be able to perform each job duty successfully.
** IT Risk Governance
*** Oversee the credit union’s second line IT Risk Management Framework, including risk assessments, issue oversight, control testing strategy, and governance documentation.
* Evaluate and provide challenge to first line practices related to system change management, software development, platform resilience, vendor platforms, and IT operations.
* Collaborate with IT and ERM to define key risk indicators (KRIs), support risk appetite alignment, and develop enterprise reporting for IT risk themes.
** Data Risk and Governance Development
*** Lead the build-out of the second line enterprise Data Risk Governance Program, defining policies, roles, standards, and escalation protocols.
* Establish risk-based processes for data classification, quality, lineage, privacy, lifecycle management, and metadata governance.
* Partner with data owners, stewards, and business units to integrate risk controls into data handling and analytics processes.
* Collaborate with Legal, Privacy, and Compliance teams to support regulatory readiness for data usage, access, and storage requirements.
** AI Governance
*** Lead the design and implementation of a comprehensive AI governance program that establishes policies, controls, and oversight mechanisms to ensure responsible development and deployment of AI across the organization.
* Coordinate cross‑functional stakeholders—including legal, compliance, data, security, and business leaders—to identify, assess, and mitigate AI‑related risks and ensure alignment with regulatory, ethical, and organizational standards
** GRC Integration and Risk Reporting
*** Contribute to the development and automation of technology and data risk processes within the credit union’s GRC platform.
* Manage reporting routines, issue escalation protocols, and regulatory documentation for IT and data risk domains.
* Assist in the coordination of regulatory exams and internal audits related to IT governance, operational resilience, and data protection.
** Leadership and Strategic Collaboration
*** Manage a team of risk analysts or program specialists in support of IT and data risk management objectives.
* Serve as a trusted advisor across business units and risk domains, building consensus and driving a proactive risk culture.
* Influence the design and adoption of sustainable governance practices for emerging technologies, including AI, cloud services, and automation.## KNOWLEDGE, SKILLS, and ABILITIES The requirements listed are representative of the knowledge, skills, and/or abilities required.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential job functions.
** Education and Experience
*** Bachelor’s degree in information technology, Risk Management, Data Analytics, or related field.
* 8+ years of experience in IT risk, data governance, or enterprise risk within a financial institution or regulated entity.
* 3+ years in a related leadership role, governance focus preferred
*…