Job Description

Join our team to innovate in risk mitigation, leveraging your skills in a fast-paced, impactful environment.


As a Tech Risk & Controls Associate in Cloud Foundational Services (CFS) function, you will be a part of a team that supports the audits/assessment/attestations/regulatory exams conducted by Internal Audit teams (3 rd Line Of Defense (LOD)), Compliance, Conduct and Operational Risk (CCOR) (2 nd LOD), External Auditors and Technology Governance, Risk & Controls (GRC).





You will support product/platform/service/process owners by leading and managing the engagements from beginning of the audit i.e. Planning Phase to the end i.e. Reporting Phase.





As a valued member of the team, you will have the opportunity to learn and grow in a dynamic and fast-paced environment, making a tangible impact on technology risk and controls at the firm.

Job responsibilities

Assesses and monitors technology risks, ensuring compliance with firm standards, regulatory requirements, and industry best practices Supports implementation of effective controls in collaboration with cross-functional teams and stakeholders Evaluates the effectiveness of existing controls, identifies gaps, and recommends improvements to mitigate risks and enhance the firm's risk posture Analyzes complex situations, provide advice on risk management strategies, and support the implementation of risk mitigation measures Leads and manages all audit/assessment engagements for CFS Performs control reviews and risk assessments for the processes owned by CFS Proactively identifies risks and periodic reporting of the same Supports process owners in managing operational risk and provides transparency to stakeholders Monitors and evaluates the effectiveness of implemented controls, contributing to the recommendations for improvements and addressing gaps in risk management Communicates risk-related findings and updates to relevant stakeholders, ensuring alignment with organizational objectives and risk appetite

Required qualifications, capabilities, and skills

Formal experience or equivalent expertise in technology risk management, information security, or a related field Experience in risk identification, assessment, and control evaluation, with a strong understanding of industry standards Demonstrated ability to analyze complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholders In-depth knowledge on firm wide risk management and technology hygiene management tools Proficient in risk identification, assessment, and control evaluation, with a strong understanding of industry standards Exposure to risk management frameworks, regulations, and industry best practices

Preferred qualifications, capabilities, and skills

* Cloud Certifications, CISM, CRISC, CISSP, or other industry-recognized risk certifications