Truist · 1 month ago
Senior Technology Resilience Risk Oversight Leader
Truist is a financial services company seeking a Senior Technology Resilience Risk Oversight Leader. This role involves independent risk oversight of technology resiliency, developing trusted relationships with technology leaders, and ensuring the effectiveness of technology and cyber resilience programs.
Banking, Finance, Financial Services
Responsibilities
Provide independent risk oversight (i.e. second line of defense/LOD2) enterprise-wide for Enterprise Control Functions (ECFs) through the effective identification, mitigation, monitoring and reporting of operational, technology, compliance and strategic risks within the ECFs
Provide strategic risk advisory to ECF leads (i.e. the Chief Information Security Officer, the Chief Data Officer, the Chief Technology Officer, etc.) that supports the Truist organization's strategies and objectives while operating within established risk appetites. Provide effective challenge of the ECF Strategy for Truist
Lead engagement of peer institution second line functions to influence the industry build of the tech risk functions
Lead execution of independent second line testing / evaluations (e.g. Red Team / Penetration Testing); work is typically commissioned by the Board, the CEO and / or the CRO
Ensure that resources, activities and initiatives are aligned to enable and sustain achievement of business objectives within forecasted spend rates while reducing risks
Provide independent assessment and oversight of the maturity of technology risk domains (e.g. Cyber, Service Delivery and Operations, Data Management, etc.) and the adequacy of controls pertaining to those domains in meeting agreed-to business outcomes for performance, stability, security and service availability. Assessments should leverage agreed-upon metrics produced by Business Unit Risk Management (BURM / first line of defense, LOD1), challenged and validated as appropriate
Review and attest to/challenge adequacy of risk assessments (i.e. Risk & Control Self-Assessments, Application Assessments, Change Risk Assessments) produced by BURM
Serve as member of the Technology Risk Committee and participate in the Enterprise and Board Risk Committees and the Board Technology Committee, when applicable for Technology Risk related topics
Ensure effectiveness and structure in regulatory engagement practices, including responses out of the impacted ECF group
Encourage and monitor risk education, skills training and adoption of goals to drive improved risk culture and awareness across the enterprise
Engage on ECF Risk policy governance, as well as policies, standards and procedures owned by areas of oversight. Provide direction and guidance in the development, implementation and communication of policies, procedures and standards. Oversight of multiple enterprise-wide policies
Monitor, assess and challenge as appropriate significant third-party and vendor relationships within Enterprise Technology
Develop and maintain effective channels of communication with other BU CROs, control functions, Senior Business Unit (BU) management, as well as regulatory agencies
Lead, manage and develop teammates directly and indirectly; influence cybersecurity talent management through recommendations to Truist senior leadership, including the Board of Directors, to inform decisions on resource allocations to close control gaps
Participate in applicable mergers and acquisition target evaluation and develop independent risk analyses where needed
Qualification
Required
Advanced degree in business or financial-related discipline, or equivalent education and related training
Twenty years of experience or equivalent proficiency in managing people with demonstrated high competency in recruiting, developing, and coaching/mentoring
Fifteen years of experience in a financial institution (or large corporate equivalent) with emphasis on risk management or equivalent work experience
Ten years of experience in large ECF and related technology operations, including extensive knowledge of technology policy, procedures and regulations
Knowledge of key technology rules/regulations and technology risk management practices (e.g. Federal Financial Institutions Examination Council (FFIEC), Control Objectives for Information and Related Technology (COBIT), NIST (National Institute of Standards and Technology), Information Technology Infrastructure Library (ITIL))
Strong leadership skills including the ability to lead direct and indirect teammates
Excellent communication (verbal and written), presentation and facilitation skills; ability to influence and communicate with impact
Experience presenting to Executive Leadership and Board level
Superior ability to think critically and strategically
Preferred
Twenty years of experience in a financial institution with emphasis on risk management or equivalent work experience
Professional designations such as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (Information Systems Audit and Control Association) (CRISC), Certified Project Manager (CPM)
Strategic business and financial planning experience
Experience with audit processes and techniques
Master's degree in Business Administration (MBA) or advanced degree in Business Management, Technology or Finance
Familiarity in application and execution of financial services technology-related laws, rules, regulations, and risk management standards (e.g. Federal Financial Institutions Examination Council (FFIEC), Control Objectives for Information and Related Technology (COBIT), Information Technology Infrastructure Library (ITIL))
Familiarity with risk measurement approaches including development of Key Risk Indicators and thresholds and associated reporting and analytics tools (e.g. Tableau, RSA Archer)
Technical expertise: Advanced knowledge of core infrastructure technologies (e.g., cloud, networking, databases, storage, data center management), concepts including SRE, Chaos Testing and other applicable IT resilience principles, and industry control frameworks (e.g., NIST, ISO27001, FDIC Operational Resilience)
Risk management knowledge: In-depth practical knowledge of risk assessment methodologies, control evaluation, and reporting
Communication skills: Excellent written and verbal communication skills with the ability to influence stakeholders at all levels of the organization
Problem-solving: Strong analytical, problem-solving, and decision-making skills in a fast-paced and high-pressure environment
Benefits
Medical
Dental
Vision
Life insurance
Disability
Accidental death and dismemberment
Tax-preferred savings accounts
401k plan
Vacation
Sick days
Paid holidays
Defined benefit pension plan
Restricted stock units
Deferred compensation plan
Company
Truist
Truist is the sixth-largest commercial bank in the U.S.
H1B Sponsorship
Truist has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2025 (313)
2024 (247)
2023 (288)
2022 (275)
2021 (278)
2020 (270)
Funding
Current Stage: Late Stage
Total Funding: unknown
2021-01-01: Seed
Company data provided by Crunchbase