Risk & Compliance
Associate Director, Technology & Data Risk, Practices
Job ID: 91568
In this role you will design, implement, and maintain an end-to-end risk management program for technology and data risks.
Who You'll Work With
You will work within the firm's Technology & Data Risk function as the Practice Leader focused on identifying and reducing technology and data-related risks in Practices. This role reports directly to the Director, Technology & Data Risk, who is responsible for the firm's global risk management program as part of the Risk function. You will partner closely with Practice leadership including the Partner, Healthcare and Public Sector Analytics, the Practice Risk leader, and the core technology and solutions team. You will also maintain close collaboration with the firm's Client Service Risk Capabilities team, the Healthcare and SHaPE Legal teams, and the client leaders in tech & data risk in our Resilience & Risk Practice.
Your impact within our firm
In this role you will design, implement, and maintain an end-to-end risk management program for technology and data risks (including but not limited to cyber, operations, tech strategy, tech governance, data management/governance, and AI/GenAI). You will engage with Practice leadership to understand goals and strategy, solicit guidance, and shape a fit-for-purpose program, based on the global policies, standards, and risk governance from the core Risk team. You will take a risk-based approach to identifying the practices that need the most support, and work collaboratively with our global leaders to tailor solutions.
As a program builder, you will work through and with other teams in the firm to ensure implementation of risk-reducing solutions. In some cases, you will adapt a global program to fit the needs of the Practice. In other cases, you will design controls and compliance measures that exceed global standards, reflecting the needs of the sensitive sectors and clients the practice serves.
As an advisor, you will partner with practices on the status of their current technology and data risk programs and on implications of new delivery models and technology decisions to ensure ongoing compliance with changing regulatory and client requirements. You will support CST and client requests when a specific and deep level of expertise is required. You will also support firm efforts on data localization and management as it specifically impacts practices serving public sector and more sensitive clients. Additional responsibilities include building awareness and designing training on compliant tech and data practices for product teams and CSTs, in collaboration with the global program.
Your qualifications and skills
- 10+ years of experience in technology or technology risk management, with a specific focus on personal data, technology risk, AI, and/or government classified information
- Previous experience as part of a leadership team responsible for designing, implementing, and operating a global risk management program is required
- Demonstrated expertise in management of sensitive data; familiarity with Personal Data and Data Privacy, Export Control/Sanction Data, Healthcare/HIPAA, and other forms of highly sensitive data required
- Understanding of a range of enterprise IT and cloud-based architectures and technologies, such as networking, server infrastructure, operating systems, web applications, mobile
- Familiarity with AI and Generative AI tools and risk mitigating solutions a plus
- Strong written and verbal communication skills, prior experience presenting to a leadership committee or board required