Description
The VP of Technology Governance & Risk is responsible for establishing and leading the first line of defense governance for technology risk across the credit union including IT, Cybersecurity, & Data governance. This role ensures that technology teams operate within defined risk tolerances by embedding governance, risk, and compliance (GRC) practices into day-to-day operations. The VP partners closely with IT Security, IT, Data, Information Security, Internal Audit, Enterprise Risk, and business units to ensure alignment with regulatory expectations and internal policies.
To be effective, an individual must be able to perform each job duty successfully.
- Governance Leadership: Develop and lead the first line technology governance program, ensuring alignment with enterprise risk appetite and regulatory requirements.
- Risk and Control Culture: Create a proactive risk and control culture. Offer guidance, best practices, and support to drive awareness and understanding of the technology risk and controls framework.
- Policy & Standards Management: Own and maintain technology policies, standards, and procedures within the framework established by the second line. Ensure consistent implementation across all technology domains.
- Risk Identification & Mitigation: Proactively identify, assess, and mitigate technology risks through embedded controls, issue management, and remediation tracking.
- Control Design & Testing: Collaborate with control owners to design effective controls. Coordinate with second and third lines on control testing and validation.
- Metrics & Reporting: Develop and report on key risk indicators (KRIs), key performance indicators (KPIs), and control effectiveness metrics to senior leadership.
- Regulatory Readiness: Ensure technology teams are prepared for audits and regulatory exams. Coordinate responses and remediation of findings.
- Collaboration & Influence: Serve as a liaison between technology and risk/audit functions. Influence decision-making by providing risk-informed insights.
- Create 1st Line RCSA documentation.
The requirements listed are representative of the knowledge, skills, and/or abilities required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential job functions.
Education and Experience
- Experience: 10+ years in technology risk, IT governance, or IT operations within financial services. 5+ years in a leadership role with direct responsibility for risk or governance functions. Experience working with second and third line functions (e.g., InfoSec, Internal Audit). Familiarity with regulatory frameworks (e.g., FFIEC, GLBA) and industry standards (e.g., NIST, COBIT, ISO 27001).
- Education: Bachelor’s degree in Information Systems, Computer Science, or related field. Master’s degree or MBA preferred.
- Certifications (preferred): CISA, CRISC, CGEIT, or similar governance/risk certifications.
Knowledge & Skills
- Skills: Strong understanding of IT operations, cloud technologies, and cybersecurity fundamentals. Excellent communication and stakeholder management skills. Proficiency in Microsoft Office and GRC platforms. Ability to lead cross-functional initiatives and drive accountability.
- Perceived by external peers as a thought leader in Technology Governance and translates expertise to develop creative strategies for organizational challenges.
Leadership and Organization Development
- Adapts or creates systems to deliver objectives
- Adapts leadership style to the situation
- Uses networks across formal and informal organizations to get things done
- Develops multifunctional leadership across BU
- Coaches other coaches for skill mastery
- Is responsible for orchestration of talent development & movement across the business unit or function
- Leads work effectively & regularly across functions
- Accountable for team effectiveness across business unit or function
Scope and Strategic Impact
- Responsible for leading a significant sub-function or business process in a function
- Directs highly visible initiatives and/or projects with a high level of risk and complexity
- Focuses on the achievement of departmental goals and has a significant contribution to achieving functional goals
- Operates with autonomy on assigned operational matters; is accountable to BU SVP and Sr. Leadership
- Is accountable for delivery of budget
- Participates in development of BU strategic plans
- Recommends solutions to strategic issues of importance to the company
- Envisions and plans projects that are strategic in nature, affecting the entire company or several functional areas
- Accountable for executing and empowering the strategy set by the senior leadership and integrating procedures within function and across the organization
- Strategic planning horizon generally 2-3+ years
Analytical Thinking & Problem Solving
- Uses vast intuition and experience to complement data
- Evaluates key business and organizational challenges within the function with some assessment of cross-functional impact
- Directs the resolution of complex or unusual business problems
- Problems are ambiguous and complex
- Solutions need to be devised based on some information requiring judgement to apply new solutions and concepts
- Implementation of solutions requires a medium to long term view
PHYSICAL ABILITIES / WORKING CONDITIONS
Physical Demands
Ability to sit, talk and hear consistently
Vision Requirements
Close vision (clear vision at 20 inches or less)
Distance vision (clear vision at 20 feet or more)
Color vision (ability to identify and distinguish colors)
Weight Lifted or Force Exerted
Ability to lift up to 10 pounds frequently and up to 25 pounds occasionally
Environmental
There are no unusual environmental factors (such as a typical office)
Noise Environment
Moderate noise (business office with computers and printers, light traffic)
***This Job is not eligible to be performed in Colorado or Connecticut, either remotely or in-person.***