Director, Technology Risk

Geode Capital Management • Full-time • Boston, MA, US • 6d ago

Reporting to the Head of Risk, the Director of Technology Risk is responsible for technology risk management across the organization. This role involves identifying, assessing, monitoring, managing, mitigating, and reporting of relevant risks in a structured, coordinated, and consistent manner. The Director of Technology Risk will help design, develop, refine, and implement risk management policies, procedures, and strategies to protect the organization and support Geode’s business objectives, strategy, and overall success.

This is a hybrid work environment opportunity located in Boston, Massachusetts with a weekly office schedule of Tuesdays, Wednesdays and Thursdays and remote work availability on Mondays and Fridays.

Primary Responsibilities:

Assist with design and lead the implementation of technology risk focused policies & procedures, including the company’s risk assessment framework as well as technology focused risk andcontrol assessments.
Design, operationalize, and lead highly effective technology risk assessments and scenario analyses to evaluate the impact of identified risks.
Measure adherence to the company’s risk framework & industry standard IT control frameworks (e.g. COSO, COBIT, NIST) through periodic reporting to Senior Management & the Risk Oversight Committee.
Implement data and metrics-based analysis to help proactively monitor and report on technology risks through use of Key Risk Indicators (‘KRIs’).
Evolve Geode’s use of Governance, Risk, & Compliance (‘GRC’) tool, including adoption of IT risk management, business continuity & disaster recovery modules.
Help establish and maintain a risk taxonomy, technology controls inventory, and IT risk assessment related data within the GRC tool.
Partner with Technology & Information Security to identify control gaps and implement key controls for the Technology organization. Assist with remediation of errors and incidents.
Participate in strategic technology related initiatives, including IT architecture, systems implementation, cloud computing, data strategy & governance, artificial intelligence, etc. and advise on technology risk best practices.
Contribute to the development of the company’s Data Governance Strategy and assist with implementation of data governance procedures and controls.
Co-lead initial risk assessment and on-going due diligence of Geode’s key technology vendors to identify and assess any risks that may directly or indirectly impact the company.
Develop and implement crisis management plans to respond to emergencies and significant business disruptions, including restoration of data and systems.

Skills You Bring:

Minimum of 10+ years of professional experience in technology risk, information security, or IT audit, preferably with experience in the asset management industry.
Bachelor's degree (or above) preferably in computer science or related field.
IT risk, security, or auditing related certifications are preferred (e.g. CRISC, CISSP, CISM, CISA, etc.)
Mastery of IT risk management practices, regulatory requirements, IT Risk frameworks (e.g., NIST CSF, NIST RMF, COBIT, ISO, CSC, etc.), and the software development lifecycle (SDLC).
Knowledge of a cloud-services environment and associated best practices.
Proven success leveraging technology, data analytics, and other advanced techniques to deliver risk management best practices.
Ability to leverage and analyze data to inform critical decisions and make recommendations.
Excellent communication skills, both written and verbal with an ability to effectively interact and influence at all levels.
Strong relationship building, organization, and critical thinking skills.
Proficient time management skills with the ability to multi-task and meet deadlines.

Company Overview:

Founded in 2001, Geode is headquartered in Boston’s financial district, the center of one of the world’s most vibrant finance and technology hubs and employs approximately 170 employees.

Geode is an institutional asset manager providing core beta exposures across a range of equity and niche asset classes, with over $1 trillion in AUM as of September 30, 2024. With a robust infrastructure and experienced investment professionals, Geode offers the scale of a large asset management firm with the benefits of a smaller organization.

Geode is proud to be an equal opportunity employer and support a diversified work environment. Learn more about Geode at www.geodecapital.com/careers.