Technology and Information Security Risk Specialist
$160k - $180kIDBNY
Technology and Information Security Risk Specialist 1114 Avenue of the Americas, NYC, NY, 10036 Vice President | Second Line of Defense Position Summary The Technology and Information Security Risk Specialist provides independent Second Line oversight of the Bank’s technology infrastructure, information security, and cyber risk programs. The role evaluates whether risks are appropriately identified, assessed, escalated, reported, and remediated through a practical, connected, and risk‑based approach. This position strengthens the Bank’s risk posture by providing effective review and challenge, supporting risk assessments and control reviews, and connecting technology and information security risk themes to operational risk, vendor risk, change management, resilience, data management, and broader ERM processes. The role requires technical credibility, sound judgment, strong communication skills, and the ability to work effectively with First Line teams, senior leaders, auditors, regulators, Head Office, and executive stakeholders while maintaining Second Line independence. Core Responsibilities Second Line Oversight and Challenge — Provide independent oversight, ongoing monitoring, and effective challenge of First Line technology infrastructure, information security, and cyber risk programs, including governance, controls, execution, reporting, and residual risk. Risk Assessments and Control Reviews — Lead and review risk assessments, RCSAs, control testing, issues, remediation plans, KRIs/KPIs, policies, procedures, evidence, and supporting analysis. Framework and Program Connectivity — Develop and enhance the Second Line framework for technology and information security risk and assess connectivity to operational risk, vendor risk, change management, resilience, data management, and enterprise controls. Project, Change, and Emerging Technology Risk — Identify, assess, and report risks related to significant projects, new activities, vendor relationships, control changes, AI, automation, and other emerging technologies. Reporting and Enterprise Risk Support — Develop KRIs/KPIs, prepare clear materials for management, committee, audit, board, and regulatory discussions, and provide input for ICAAP, risk appetite, risk profile assessments, and ERM routines. Stakeholder Engagement — Coordinate with audit, regulators, Head Office, First Line technology and security teams, the CISO function, IT Operations Risk, Vendor Management, business lines, and executive stakeholders while maintaining Second Line independence. Training and Work Product — Support targeted risk awareness efforts and produce clear, defensible work that connects facts, risks, controls, dependencies, and conclusions. Qualifications Experience and Education — 10+ years in technology infrastructure, information security, cyber risk, IT controls, or related oversight functions, preferably within a regulated financial institution; bachelor’s degree in a related technical or risk discipline preferred. Technical and Regulatory Knowledge — Strong knowledge of technology, cybersecurity, and control environments, including cloud, applications, infrastructure, access management, resilience, NIST, NYDFS Part 500, FFIEC guidance, and related risk expectations. Risk Assessment and Oversight — Skilled in risk assessments, control reviews, issue management, remediation tracking, risk reporting, governance routines, and effective challenge across First, Second, and Third Line stakeholders. Enterprise and Emerging Risk Connectivity — Ability to connect technology and information security risk themes to ERM processes, including ICAAP, risk appetite, risk profile assessments, enterprise reporting, AI, automation, and other emerging technology risks. Execution and Tools — Experience using GRC tools and managing technology or security‑related projects, technical teams, and cross‑functional workstreams with clear ownership, deadlines, reporting, and follow‑through. Communication and Judgment — Strong analytical, writing, documentation, executive communication, professional judgment, independence, and ability to produce clear, defensible work for senior management, committee, audit, or regulatory review. Preferred Certifications — CISSP, CISM, CISA, CRISC, CEH, or equivalent certifications are strongly preferred. Reporting Structure Reporting Line — Reports to the Head of Risk Strategy and Supervisory Oversight. Key Partners — Partners with Risk, IT, Information Security, Compliance, Audit, Operations, Vendor Management, Head Office, and business stakeholders. Role Focus — Provides independent Second Line of Defense oversight, supports effective review and challenge, and connects technology and information security risk considerations to the Bank’s broader risk framework. Compensation The expected annual salary for this position is between $160,000 and $180,000 at the start of employment. A salary offer is determined on an individualized basis, taking into consideration factors such as an individual’s skills and experience. In addition to base salary, the total rewards package includes eligibility for an annual bonus, medical, pharmacy, dental, and vision plans, life and disability insurance, employee wellness program, retirement and savings plans with employer contributions, generous holiday and paid time off schedules, parental leave, and tuition reimbursement. Additional Information Those with a known mental or physical disability. Pregnant individuals and/or individuals with pregnancy or childbirth‑related medical conditions. Victims of domestic violence, sex offenses or stalking. Employees with religious observance and practice obligations. Accommodations The Bank will make reasonable accommodations to allow employees to perform the essential functions of their position, except where doing so would result in undue hardship to the Bank. Employees who believe they need an accommodation for any of the above reasons should contact their supervisor or a member of Human Resources to request such an accommodation. The Bank will engage in a good‑faith written or oral dialogue regarding accommodation needs, potential accommodations, and the difficulties such accommodations may pose for the employer. The Bank retains the ultimate discretion to choose the appropriate reasonable accommodation. Upon reaching a final determination, the Bank will provide a written final determination identifying any accommodation granted or denied, and will maintain any information regarding the employee’s request in strict confidence as required by law. Disclaimer The above statements describe the general nature and level of work performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed. EEO Statement All your information will be kept confidential according to EEO guidelines. Schedule We are operating on a Hybrid schedule. #J-18808-Ljbffr IDBNY
- ...evolving industry. Job Summary The IT Risk Associate will support the organization’s technology risk management and... ...processes. Help identify potential security vulnerabilities, control gaps,... ...improving the governance framework for information security and IT risk. Assist in...SuggestedInternshipLocal area
- ...Qualifications Interest in Computer Science, Information Systems, Cybersecurity, or a related field Experience in technology audit, governance, risk, and compliance, information security, or related field is preferred, and willingness to learn is required...SuggestedWork at office
$80k - $185.15k
## Software Security Specialist Sr - AI SecurityApplylocations: Two PNC Plaza (PA374): Strongsville Technology Center (OH537): Denver - 12345 W Colfax... ...and playbooks • Mature Risk based approach to appropriately... ...able to leverage that information in creating customized...SuggestedFull timeTemporary workPart timeWork experience placementWork at office- Our client is seeking a Technology Risk & Compliance Analyst to support enterprise risk and information security compliance initiatives. This role partners with internal teams, external partners, and clients to help manage risk, maintain compliance frameworks, and support...SuggestedContract work
- ...perspectives at AHEAD. AHEAD is seeking a Security Analyst to join our internal Platform... ...to the successful delivery of AHEAD’s information security program in order to assure AHEAD... ...posture of our mission critical technology vendors. Reporting directly to our Sr....SuggestedWork at officeFlexible hours
- About Our Company: Delmock Technologies, Inc. (DTI), is a leading HUBZone... ...sophisticated IT (Information Technology) and Health solutions... ...Responsibilities Implement and assess security controls in accordance with... ...information security, cyber risk management, or IT security...For contractorsLocal areaRemote work
$175k
...financial services industry. We are a technology‑driven organization that values bold thinking... ...an experienced PolyPath Market Risk Specialist with strong technical and business knowledge... ...products such as Mortgage‑Backed Securities, Collateralized Mortgage Obligations,...Full timeContract workWork experience placement$105k - $133k
## Senior Security Operations Center (SOC) AnalystApplylocations: US... ...problems holistically with technology built by healthcare experts –... ...focused around DLP and insider risk initiatives, which include... ...Computer Science, Engineering, Information Security, Information Technology...Full timeWork at officeLocal areaVisa sponsorshipFlexible hoursShift work$150k - $190k
...commercial launch and expansion of our data and technology footprint. We are seeking a hands-on, execution-focused Senior Manager, IT Information Security to lead the development, implementation... ...procedures Support transition to a risk-based security model Threat...Visa sponsorshipWork visa$83k - $85k
...decision-making, and emerging technologies, including AI, to build scalable... ...control procedures. Coordinates information from the VP and other supervisors with the Security staff that meets all Fairstead... ...continuity planning, investigations, risk management etc. Great...Work at officeImmediate startAll shiftsFlexible hoursShift work$74k - $158.3k
A leading technology firm is seeking a Cyber Intelligence Business Support Specialist for a remote role in the U.S. The position involves managing cyber threat intelligence operations, data management, and collaborating with cybersecurity teams. Ideal candidates have 5+...Remote job$26.54 - $34.83 per hour
...States and Canada. We’re a brand with technology at our hearts and the most driven and focused... ...to win. About The Role The Corporate Security Specialist (HQ) is tasked with protecting people... ...of life, interruptions of business, risk, fraud, theft, property damage, or other...Hourly payH1bWork at officeVisa sponsorshipFlexible hoursNight shift$120k - $210k
Planet Technologies is collaborating with hackajob to connect them with... ...Senior Microsoft Security & Compliance Consultant with... ...Copilot, including data exposure risks, governance controls, and compliance... ..., and Insider risk and information governance Experience advising...Local areaRemote work$60k - $80k
A leading technology company in the US is seeking a Security Analyst to enhance their cybersecurity posture. This role involves monitoring threats, implementing security controls, and collaborating with cross-functional teams. Candidates should have formal education in...Remote job$84.4k - $154.7k
...support, inclusive culture and technology to become the best version of... ...objective of our consulting risk services is to provide... ...clients in employing proper information systems, resources, and controls... ...information technology control and security engagements. Skills and...Contract workSummer holidayWork at officeImmediate startFlexible hours$110k - $190k
...Office (CDO) sits within the WM Risk organization and strives to... ..., retrieve, and protect information and records at the Firm; and... ...WM data. The WM Application Security Team within WM CDO works to ensure... ...controls are applied across technology assets, including emerging digital...Temporary workWork at office- Leading global asset manager seeking an experienced AI Risk Specialist to join its risk function and provide independent oversight of... ...management and governance committees. Work closely with technology, security, legal, compliance, and business teams to promote robust AI...Work at office
$97.9k - $179.5k
...support, inclusive culture and technology to become the best version of... ...objective of our consulting risk services is to provide... ...clients in employing proper information systems, resources, and controls... ...information technology control and security engagements. Skills...Contract workSummer holidayFlexible hours$119k - $160k
...seeking an ambitious and detail-driven Security Authorization Specialist to join our mission-driven team. We... ...the intersection of cutting‑edge technology and national security, committed to... ...access to Sensitive Compartmented Information (SCI) required. Active...Contract workWork at officeFlexible hours- Description The Director, Information Technology & Security/Compliance is responsible for the day‑to‑day management of the company's IT operations and... ...and contractual requirements. Conduct and coordinate risk assessments, such as penetration testing; develop and track...
$120k - $125k
...Kelly Science, Engineering, Technology & Telecom provided pay... ...currently seeking a Global Risk and Compliance Specialist for a long-term... ...equivalent, and Management Information Systems) Languages: Fluent... ...Regulation) Experience in SAP Security role design, SAP GRC Tools...Full timeContract workWork experience placementLocal area- TBG | The Bachrach Group is in search of a Technology Risk & Compliance Analyst based in New York, NY. The role involves supporting risk management... ...an opportunity to contribute to compliance initiatives and enhance security practices. #J-18808-Ljbffr TBG | The Bachrach Group
- ...DESCRIPTION Join our dynamic team to navigate complex risk landscapes and fortify technology governance, making a pivotal impact in our firm's... ...equivalent expertise in technology risk management, information security, or a related field, with a focus on risk...
- Debevoise & Plimpton LLP in New York seeks a Technology Risk & Compliance Analyst to join the Information Services Department. The role spans client security assessments, ISO27001 programs, vendor risk management and internal compliance reviews. You will coordinate questionnaires...
$140k - $180k
The AI Security Specialist safeguards the firm's use of artificial intelligence — from Microsoft... ...confidentiality obligations. Responsibilities AI Risk Assessment — Evaluate security,... ...firm. Qualifications 5+ years in information security, with 2+ years focused on AI/...- Victaulic is seeking a Security Risk & Compliance Analyst to support its global information security program across various regulatory frameworks. This role involves conducting risk assessments, managing compliance documentation, and coordinating third-party audits. Ideal...
- Job Description The Security Risk & Compliance Analyst supports the organization’s global information security program by assisting in the identification, assessment, and... ...Capacity to understand legacy and progressive technology and security controls along with respective...Work at office
$21.75 per hour
...keep our guests, team and brand secure and lead through crisis... ...sales by mitigating shortage risks, preventing, and resolving theft... ...The role of a Target Security Specialist can provide you with the... ...handheld scanners, and other technology equipment as directed Effective...Hourly payFull timeTemporary workLocal areaFlexible hoursShift workNight shiftDay shift$38 - $40 per hour
A technology solutions firm is seeking an Information Security Analyst (SecOps) for a remote contract position in New York. This mid-senior level role focuses on developing and implementing security awareness programs. Candidates should have 3-5 years of experience in...Remote jobHourly payContract work- Responsibilities CPJ is hiring a Senior Director - Information Technology & Digital Security to provide strategic leadership across the organization's... ...standards, and organizational culture that will reduce risk to CPJ’s staff, journalists, and integrity of its work....
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Technology and Information Security Risk Specialist. Be the first to apply!
- security operations analyst New York, NY
- senior security specialist New York, NY
- application security analyst New York, NY
- entry level information security analyst New York, NY
- security advisor New York, NY
- sr industrial security specialist New York, NY
- cloud security analyst New York, NY
- network security analyst New York, NY
- security clearance specialist New York, NY
- aws security specialist New York, NY


