Senior Manager IT Risk Strategy

• Serve as the primary leader for T&I Regulatory Remediation, driving the vision, structure, and execution of the function at an enterprise level.
• Directly influence senior leadership on T&I remediation matters, ensuring alignment between regulatory expectations, stakeholders and business needs.
• Lead the oversight of T&I regulatory remediation efforts, fostering a risk-aware culture across the organization.
• Establish and lead governance structures that align T&I remediation strategy with business and regulatory expectations.
• Develop, implement, and own the T&I Regulatory Remediation reporting, ensuring best-in-class risk methodologies and tools are in place.
• Oversee all First Line of Defense (FLOD) T&I regulatory remediation routines, ensuring proactive monitoring, reporting, and mitigation of emerging risks.
• Ensure compliance with regulatory requirements (e.g., OCC, Federal Reserve Board, FFIEC) and drive T&I remediation improvements.
• Lead engagement with internal audit, external regulators, and business units to ensure strong risk oversight and governance.
• Oversee T&I regulatory remediation Reporting frameworks, ensuring timely and accurate risk insights for executives and governance committees.
• Communicate T&I regulatory remediation emerging threats, and updates to senior management, Board-level committees, and external regulators.
• Build strong partnerships with business leaders, risk partners, and technology teams to integrate risk intelligence into business processes.
• Lead, develop, and mentor a high-performing team of IT risk professionals, ensuring alignment with organizational goals.

• Bachelor's Degree or equivalent
• 12+ years of experience in IT Risk Management, Operational Risk, or Technology Governance within a large financial institution.
• 8+ years leading enterprise risk programs, including regulatory interactions, governance frameworks, and IT control assessments.
• 5+ years of experience managing and mentoring senior risk professionals, including direct oversight of high-impact teams.

• CISSP, CISM, CRISC, or equivalent IT risk/security certifications (preferred)
• Ability to engage and oversee a long-term T&I regulatory remediation strategy, driving cross-functional collaboration and influencing executive decision-making.
• Expertise in OCC, FRB, FFIEC, and other financial regulatory requirements, including technology requirements, regulatory exam preparation and response.
• Knowledge of NIST, COBIT, ISO 27001, ITIL frameworks, and risk control environments.
• Ability to develop reports focused on key risk indicators (KRIs), and predictive analytics to drive proactive risk management.
• Strong ability to present risk insights and strategic recommendations to senior executives, board members, and regulators.
• Experience leading large-scale transformation initiatives within IT risk, governance, and compliance functions.
• Proven experience in building, coaching, and developing high-performing teams within risk management.

• Comprehensive healthcare coverage, including Medical, Dental and Vision plans, available the first of the month following start date
• Generous 401(k) company matching contribution
• Career Development through Tuition Reimbursement and other internal upskilling and training resources
• Valued Time Away benefits including vacation, sick and volunteer time
• Specialized health and family planning benefits including fertility benefits, and cancer, diabetes and musculoskeletal support programs
• Career Mobility support from a dedicated recruitment team
• Colleague Resource Groups to support networking and community engagement

City National Bank