We have been engaged to identify an IT RISK MANAGER for one of America’s most respected Financial Services companies,  This role is based in San Francisco, CA (or possibly NYC).

The IT RISK MANAGER is situated in 2nd Line of Defense and will report directly to the VP of Risk for Technology and Vendor Management.  In this role you will execute a wide variety of tasks aimed at developing and maintain and effective program for identification, measurement, and monitoring of risk, as well as design of effective operating controls.  This is a high visibility role; you will work closely with teams across Technology (Information Security, Vendor Management, IT, Audit, and Compliance) and the business. And you will look for opportunities to leverage your subject matter expertise and best practices to look for value-added opportunities to enhance the organizations’ risk maturity in these key areas.  This is a great role for someone who wants to go beyond identifying and testing risks, to working on solutions.

The right candidate for this role will have a strong foundation in IT Risk Management, or in related areas such as Cyber Security or Technology Audit.  Someone who is data analytics savvy would be valued, as the organization is striving to use more of a data-driven approach to risk evaluation. You will have outstanding communication skills (both oral and written) and be able to demonstrate a history of building strong relationships.   The ideal candidate will have a solid technical foundation and understanding of cyber security concepts and technologies, risks and controls.  Experience with Cloud environments and Agile development would be highly valued.

What Makes this Opportunity Special:

  • Phenomenal Growth – this organization has more grown by 5X over the past 10 years (sustaining 20%+ growth YoY, resulting in outstanding career path potential. The stock price has more than doubled in the past year!
  • Highly Respected Brand – this is one of the most highly respected organizations in the SF Bay Area and Financial Services. The bank has been recognized as best in class by several publications.
  • Opportunity to play a major role to help this rapidly growing organization mature their IT Risk posture
  • High profile role – excellent visibility within organization
  • Wide variety of task/projects to keep you engaged and stimulated
  • High integrity organization and culture
  • Great SF location – easily accessible by BART, MUNI, or CALTRANS
  • Good work/life balance and No travel!

What would make you a great fit:

  • Bachelor’s degree
  • CISA, CRISC, CISSP, CCSP, or other Cloud Security certifications would be highly valued
  • 5+ years’ experience in IT Risk, Technology Audit, or related
  • Solid understanding of Risk Principles and Concepts: Risk Identification; Risk Inventory; RCSA; ERM; GRC, Lines of Defense
  • Experience with security assessments around frameworks (FFIEC Cyber security, NIST, ISO, etc.)
  • Experience assessing risks around technology implementations (SDLC/Agile/DevOps), highly valued
  • Experience working with IT/business to design effective controls (redesign processes) preferred
  • Solid knowledge of IT Operations and Technology Architecture and infrastructure is valued
  • Experience with Data Analytics, metrics, KRIs, and/or dashboards is a plus
  • Agility and problems solving skills highly preferred
  • Excellent written and oral communications skills (and confident presenter)
  • MUST HAVE highly collaborative style and be a team player

PLEASE NOTE: this position is not Fully-Remote post-Covid.  Employees will need to have some regular presence in the office. Please do not apply if you are unable to commute (or interested in relocating) to San Francisco, CA (or NYC possible).

Apply For This Position

To inquire about the above Job Opening, please complete the form below
  • We ask for personal email as we recommend that candidates never use their work email for career-oriented correspondence. Also, some companies (i.e. some Big 4 firms) have been known in the past to block emails from recruiting firms. Finally, in the event you make a quick career move (planned or unplanned), we will be able to maintain contact.
  • Due to stringent U.S. work authorization requirements, The Weinman Group is not able to work with candidates who do not already posses a valid work authorization/visa to work in the United States.