Vice President, Technology Risk & Controls
Listed on 2026-07-14
-
IT/Tech
Cybersecurity, Information Security, IT Business Analyst, Data Security
Employer:
Black Rock |
Location:
Wilmington, Scotland, United States of America | Salary:
Competitive | Closing date: 10 Aug 2026
At Black Rock, the Enterprise Technology Risk & Controls team operates within the first line of defense and is responsible for advancing technology risk management, control effectiveness, and enterprise resilience across the firm. The team partners with Engineering, Information Security, Risk & Quantitative Analysis, Internal Audit, and senior technology leaders to establish and mature technology risk management practices that enable informed decision-making and measurable risk reduction.
Role DescriptionWe are seeking a forward-thinking Technology Risk VP to help shape the future of technology risk management, control effectiveness, and resilience part of the Enterprise Technology Risk & Controls team, this individual will influence how technology risk is governed, measured, monitored, and reduced across one of the world's largest and most complex technology environments.
The role will partner closely with Engineering, Information Security, Operational Risk, Internal Audit, and senior technology leaders to develop modern risk frameworks, establish forward‑looking risk indicators, strengthen control effectiveness, and drive strategic risk reduction initiatives. The successful candidate will enable continuous visibility, data‑driven decision‑making, and measurable risk reduction. This role is ideal for someone who can operate at both strategic and execution levels—building new capabilities, simplifying complex problems, and driving meaningful change across large organizations.
Key Responsibilities- Technology Risk & Control Frameworks
- Help develop and mature technology risk and control frameworks aligned to enterprise technology risk priorities.
- Define control objectives that clearly articulate intended risk outcomes and expected control performance.
- Establish traceability across risks, controls, standards, metrics, issues, and remediation activities.
- Support consistent adoption of risk and control practices across technology organizations.
- Controls, Policies & Standards
- Drive initiatives to mature technology risk policies, standards, and implementation requirements.
- Partner with stakeholders to improve clarity, consistency, and usability of control requirements.
- Ensure alignment between policy intent, technology controls, and operational execution.
- Facilitate cross‑functional working groups and stakeholder engagement activities to support adoption and accountability.
- Metrics, Enterprise Risk Indicators & Continuous Monitoring
- Design outcome‑based control effectiveness measures that provide insight into whether controls are reducing risk as intended.
- Help develop Key Risk Indicators, Key Performance Indicators, and forward‑looking risk signals that provide visibility into technology risk exposure and resilience.
- Translate technical and operational data into executive‑level insights that support technology risk governance, prioritization, and decision‑making.
- Improve transparency of control effectiveness, remediation progress, and measurable risk reduction outcomes.
- Technology Risk Reduction & Resilience
- Identify systemic technology risk themes and partner with technology leaders to drive measurable reduction in risk exposure.
- Support enterprise initiatives focused on technology resilience, software development practices, asset lifecycle management, control modernization, and emerging technology risk domains.
- Translate risk findings, control weaknesses, and operational trends into action plans with clear ownership, milestones, and measurable outcomes.
- Track remediation progress and evaluate whether completed actions materially reduce risk.
- Help leadership prioritize risk reduction efforts based on severity, business impact, control effectiveness, and resilience outcomes.
- Strong experience in technology risk management, technology controls, cybersecurity, operational risk, engineering risk management, or related disciplines.
- Strong understanding of technology control frameworks and industry…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).