Cyber Security Risk Management Lead - Network & Security Architecture

Position Overview:

• Role Overview : Responsible for end-to-end technology risk lifecycle management within a specific security domain (Network & Security Architecture). Reports to the area's Associate Director and acts as the primary risk advisor for assigned domain leaders.
• Key Responsibilities :
  • Identify, assess, and monitor technology risks and controls within the assigned domain.
  • Lead and drive risk assessments, issues management, and remediation prioritization.
  • Collaborate with technical SMEs and business units to analyze risk data, diagnose root causes, and propose solutions.
  • Oversee controls testing (in partnership with offshore teams) and ensure effective risk reporting and escalation.
  • Serve as the main point of contact for domain leaders, building strong relationships and acting as an advisor.
  • Support integration and improvement of risk management processes, including advisory input on operating model changes.
  • Use ServiceNow and Excel for risk data analysis and workflow management.
• Required Skills & Experience :
  • Strong background in technology risk management, preferably in financial services or large enterprise environments.
  • Experience with risk and control identification, issues management, and remediation processes.
  • Proven experience Network & Security Architecture including identifying, assessing, prioritizing, and remediating vulnerabilities in complex environments
  • Strong understanding of AI-specific threats (e.g., adversarial attacks, model theft, data poisoning) and practical experience in mitigating these risks within enterprise environments.
  • Strong experience in Information security risk and cybersecurity control capabilities with extensive knowledge of information and technology risk management policies, methods, standards, tools, and processes (e.g., ISO, COSO, COBIT, NIST) as well as knowledge of compliance, legal, internal/external audit, and regulatory requirements.
  • Ability to analyze technical data, ask critical questions, and synthesize findings for senior stakeholders.
  • Familiarity with security domains such as vulnerability management, application security, network security, IAM, or cloud/infrastructure security.
  • Excellent communication, stakeholder management, and influencing skills; able to drive alignment across diverse teams.
  • Proficiency in ServiceNow, Excel, and general risk management tools.
• Preferred Qualifications :
  • Experience with controls testing, audit, or GRC platforms.
  • Understanding of regulatory and compliance frameworks relevant to technology risk.
  • Prior consulting experience or demonstrated ability to operate in a matrixed, cross-functional environment.