Head of Technology Risk, Governance, and Controls
$220k - $350kS&P Global HQ North America
About the Role
Grade Level (for internal use): 15
Head of Technology Risk, Governance, and Controls
The Impact
The Head of Technology Risk and Governance works directly with the Senior Vice President, Chief Information Officer (CIO) to own the strategy and oversight of first-line risk across the broader technology organization. The role will ensure the integrity of S&P Global systems by managing our internal controls, owning and ensuring completion of MAPs, SOX controls, any audits from a technology perspective, regulatory compliance, and our overall risk posture. This role works in partnership with key stakeholders in Information Security, divisional technology teams, Corporate functions, our Enterprise Data Organization, as well as with Enterprise Risk and Compliance, Internal Audit, and External Auditor.
Responsibilities and Impact
- Lead the technology risk and governance strategy by driving risk initiatives in support of the Enterprise Technology and Transformation strategy to protect our brand, enable business-focused capabilities, and lead with innovation.
- Ownership and liaison for SOX controls with Finance, Internal Audit and External Auditor including responsibility for the annual testing of related IT SOX controls and deficiency remediation.
- Scale and optimize the first-line of defense to proactively identify and mitigate technology risk across the firm.
- Work in tandem with the Enterprise Risk and Compliance team to contribute to the enterprise risk appetite and taxonomy, and design and operate the controls that implement them within technology.
- Operationalize the enterprise risk framework within technology and establish the technology-specific governance needed to run the first line, in coordination with information security.
- Establish and track KPIs and KRIs related to technology risk and compliance across all technology teams; create consistency in measuring and reporting.
- Collaborate with senior stakeholders across the enterprise to integrate risk management into strategic planning, product development, and operational rigor.
- Lead risk assessments and partner with Internal Audit to ensure compliance and identify areas for improvement.
- Drive a culture of risk awareness and continuous improvement, ensuring compliance to industry standards. Create risk awareness programs designed to improve the risk fluency of our technology organization.
- Own first-line management of technology risk arising from third parties, external platforms, cloud providers, and critical dependencies—including concentration and continuity exposure—partnering with Procurement / Third-Party Risk Management and the second-line dependency function.
- Own identification, remediation planning, tracking to closure, and timely escalation of technology risks, control issues, and audit action plans across the organization.
- Design, implement, and operate the technology control environment, including control self‑assessment and the production of audit‑ and oversight‑ready evidence.
- Embed first-line risk management and controls for AI including model and use‑case inventory, secure deployment, monitoring, and control operation.
- Strengthen operational resilience and continuity for critical technology services, including availability and recovery expectations.
- Map regulatory and compliance obligations affecting technology into the control environment, ensuring traceability between obligations, controls, and evidence.
Basic Required Qualifications
- Minimum of 15 years of experience in technology risk management and internal controls implementation, including both building and operating a function, including people management experience.
- Strong stakeholder relationship acumen to navigate issue resolution and urgency with internal and external stakeholders.
- Able to convey complex risk topics, including progress of remediation efforts, statuses of issues, etc. to varied audiences (e.g., executive leadership, technical teams, audit, etc).
- Successful track record in working in a global environment, with the ability to create constructive relationships and communicate across various organizational teams.
- Exceptional analytical skills and problem‑solving abilities, with proven experience in prioritizing and executing tasks in a high‑pressure environment.
- Deep familiarity with technology risk and control frameworks such as NIST CSF, ISO 27001, COBIT, and SOX IT General Controls.
- Understanding of emerging technology risk domains including AI/ML, cloud, and data privacy; ability to develop risk approaches for novel and evolving technology landscapes.
- Must be in reasonable distance of one of our office locations. Role will be required to be in office at least 2 days per week.
Additional Preferred Qualifications
- Experience applying risk and control frameworks in a regulated environment.
- Hands‑on experience with GRC platforms (e.g., ServiceNow GRC, Archer, or equivalent) to operationalize governance and reporting at scale.
- Relevant professional certifications such as CRISC, CISM, CISSP, or equivalent.
- Experience working with core AI capabilities such as Microsoft Copilot, Claude, or ChatGPT, particularly in solving business problems through custom agents or workflows.
- Demonstrated experience operating within a Three Lines model, partnering with an independent second-line risk function and Internal Audit organization, without duplicating accountability.
- Experience assessing third-party, vendor, and cloud‑dependency technology risk, including operational resilience and concentration implications.
- Master of Business Administration or Engineering or related discipline.
Salary and Benefits
S&P Global states that the anticipated base salary range for this position is $220,000 to $350,000. Final base salary for this role will be based on the individual’s geographic location, as well as experience level, skill set, training, licenses and certifications.
In addition to base compensation, this role is eligible for an annual incentive plan. This role is not eligible for additional compensation such as an annual incentive bonus or sales commission plan.
This role is eligible to receive additional S&P Global benefits. For more information on the benefits we provide to our employees, see
Benefits
- Health & Wellness: Health care coverage designed for the mind and body.
- Flexible Downtime: Generous time off helps keep you energized for your time on.
- Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.
- Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company‑matched student loan contribution, and financial wellness programs.
- Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best‑in class benefits for families.
- Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference.
Equal Opportunity Employer
S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment.
If you need an accommodation during the application process due to a disability, please send an email to: View email address on click.appcast.io and your request will be forwarded to the appropriate person.
Location: New York, New York, United States
#J-18808-Ljbffr- ...the United States. The Senior Risk Program Manager for Model Risk... ...Citizens Bank's Enterprise, Technology and Operations (ET&O) team, with a primary focus on governing the validations of the ET&O fraud... ...with the Business Risks and Controls Advisory Teams and Model Owners...SuggestedFull timeRemote workMonday to Friday
$70 - $85 per hour
A leading IT services company is seeking a Sr. Risk And Control Manager to support risk and compliance initiatives in a fully remote role. The ideal candidate will manage partnerships, conduct detailed analyses, and drive issue resolution. Strong knowledge of the banking...SuggestedRemote job$70 - $85 per hour
Sr. Risk And Control Manager at TEKsystems Overview The Risk and Compliance Analyst will play a critical role in driving the successful... ...America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we...SuggestedFull timeTemporary workRemote work- ...established General Partners, we provide administration services and technology to whole fund families or select funds, to help scale their... ...operations rapidly and efficiently. Job Description The Fund Controller at Standish works with other team members to lead the...SuggestedWork at officeLocal area
- ...Research Triangle of North Carolina, is expanding its engineering team. The new role involves technical leadership on Raman and OCT technologies and working closely with product marketing to ensure specifications are met. Applicants should have a higher degree in fields...Suggested
$86.3k - $118.7k
...Become a part of our caring community The Portfolio Manager governs the Primary Care Organization (PCO) Intake System, PCO Operating Model Process, and PCO Portfolio and Business ART in Jira Align. They are a key partner to the IT Portfolio Manager and our Product and...Full timeTemporary workApprenticeshipWork experience placementWork at officeRemote workWork from homeHome office- A specialized fund administration service provider is seeking a Fund Controller to manage financial reporting and operations for private equity clients. The ideal candidate will have a Bachelor's degree, experience in public accounting, and knowledge of private equity...
- Genesys is seeking a Director of Technology Portfolio Management to lead enterprise technology investments in North Carolina. You will oversee portfolio governance, alignment with strategic priorities, and drive executive decision-making through actionable insights. With...Flexible hours
$150k - $175k
...curriculums, and Nanodegree options in both technology and data science Professional... ...Description The Director of (Cyber) Governance, Risk & Compliance (GRC) is a cyber leadership... ...risk assessment and treatment, internal controls, third-party risk management, audit...Full timeLive inWork at officeWork from homeFlexible hours- ...funds in addition to our full fund administration services. For established General Partners, we provide administration services and technology to whole fund families or select funds, to help scale their fund operations rapidly and efficiently. Job Description This is a...Full timeWork at office
- ...capabilities. You'll drive end-to-end governance, delivery execution, and stakeholder alignment... ...; while working closely with Product, Technology, Platforms, and Design. Job... ...and monitors adherence to the firm's risk, controls, compliance, and regulatory requirements...
- ...Director of Technology The Director of Technology is responsible... ...technical concepts, priorities, risks, and outcomes effectively to... ...technology solutions by establishing governance processes, technology... ...access management, cybersecurity controls, and risk mitigation...For contractors
- ...DESCRIPTION Bring your Expertise to JPMorgan Chase. As part of Risk Management and Compliance, you are at the center of keeping JPMorgan... ...credit worthiness. Risk Management provides independent oversight and maintains an effective control environment. #J-18808-Ljbffr 慨正橡扯
$90k - $150k
## Risk Manager - Scenario Analysis & Exercises .### General informationCareer areaRiskWork... ..., findings, remediation themes, and governance updates.* Maintain reporting, evidence, and... ..., governance, reporting, risk and control self-assessments, issue management, audit...Full timeTemporary workPart timeWork experience placementWork at officeRemote workRelocation packageFlexible hours- ...aging reports with a high level of detail to identify trends, risks, and resolution opportunities* Evaluate credit risk across the... ...reporting and variance analysis* Ensure compliance with internal controls and company policiesCollections Strategy & Cash Flow Optimization...Relocation
- ...instructions, country requirements, and internal controls. Enter payments into banking systems and... ...Management Systems (TMS) and financial technology platforms (e.g., Kyriba, G‑Treasury), as... ...and payment operations, identifying risks, issues, and improvement opportunities....Work at officeFlexible hours
- ...compliance, capital structure, and financial risks. Reporting to the Treasury Manager, this... ...and assist in the development of controls to mitigate risks. Reporting and Analysis... ...and in French here. Residents of countries governed by GDPR and UK GDPR may access our policies...Temporary workWork at officeLocal area
$130k - $160k
...passion for driving project success? The Federal Project Controls and Compliance Manager ensures that government projects adhere strictly to FAR, DFARS, Davis‑Bacon,... ...to mitigate legal, financial, and reputational risks. They oversee contract lifecycles, manage internal controls...Contract workFor subcontractor- ...of Cybersecurity Third-Party Risk Management leads the enterprise... ...providers, contractors, technology partners, SaaS platforms, cloud... ....Key ResponsibilitiesProgram Governance and StrategyLead the enterprise... ...risk scoring, due diligence, control assessment, remediation, risk...Contract workFor contractorsFor subcontractorWork at officeLocal areaWork from home
$80k - $241.8k
...services in alignment with Investment Policy Statements and internal control standards. Represent the organization as a 3(38) Investment... ...ensure service standards are met. Lead investment‑related technology initiatives and system enhancements to improve advisor...Temporary workWork experience placementWork at office- Director of Instructional Technology Longleaf School of the Arts, Raleigh, North Carolina Qualifications... ...Overview Under the direction of the Head of School and/or Director of Operations,... .... Facilities systems. Security: access control and security cameras (Provider: Sonitrol)...Full timeWork at officeRemote work
$130k - $160k
Flatiron Construction Corp is seeking a Federal Project Controls and Compliance Manager to lead compliance on government projects across multiple locations. This role includes managing contracts, risk assessments, and ensuring adherence to FAR and DFARS regulations. The...- ...members based on their values, goals, and risk parameters. The Portfolio Manager will... ...understanding of and adherence to operational controls, policies, procedures and processes to... ...in a compelling Skill in adopting technological advancements and facilitating into current...Work at office
- ...Cybersecurity Third-Party Risk Management (CTPRM) function... ...Services (TPS). Reporting to the Head of Security Governance, this role will redefine... ...intelligent, adaptive, and technology-driven risk management... ...sustainable remediation, and strong control evidence. QUALIFICATIONS...Full timeContract workPart timeShift workDay shift
- ...needs and objectives in the short, medium and long term through a holistic goals based planning approach Strictly adhere to all risk and control policies, regulatory guidelines and security measures Required Qualifications, Capabilities, and Skills Six plus years of...Temporary workWork experience placementLocal area
$120k - $205.2k
...why there’s nowhere like RSM. Program Risk Solutions Manager - PMP The Program Risk... ...consulting practice, specializing in managing governance, risk, security, and compliance across... ...risk, or implementing intelligent controls, compliance analytics, and business application...Work experience placementInternshipLocal areaNight shift- A biotechnology company in Morrisville seeks a Director of Information Security to lead the information security initiatives and risk management program. The ideal candidate should have over 10 years of experience in information security, with significant leadership experience...
$215k - $265k
...pay later without any hidden fees or compounding interest. The Risk & Analytics team makes crucial decisions that direct Affirms business... ...our mission to change consumer finance through better data and technology, lower costs, and increased transparency while providing the...Work experience placementWork at officeRemote workFlexible hours- ...administrators Teach, develop, and oversee staff throughout engagements; delegate assignments and tasks appropriately Direct and control engagement planning process to successful completion Bottom‑line management of assigned engagements and individual productivity opportunities...Contract workWork at officeFlexible hours
- 慨正橡扯 is looking for a Senior Associate in their Consumer & Community Banking division in North Carolina. This role involves transforming visions into market-ready products while ensuring effective communication and collaboration across teams. You will be responsible for...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Head of Technology Risk, Governance, and Controls. Be the first to apply!
- senior risk manager Raleigh, NC
- head of risk management Raleigh, NC
- director of risk management Raleigh, NC
- operational risk manager Raleigh, NC
- risk management manager Raleigh, NC
- director credit risk Raleigh, NC
- risk management specialist Raleigh, NC
- risk management associate Raleigh, NC
- risk assurance Raleigh, NC
- antepartum high risk ob nurse Raleigh, NC

