The Technology Risk group is a small team within the global Technology organization and is responsible for proving technology governance, risk management and controls oversight to ensure the Technology team operates in a safe and sound manager and within regulatory expectations. The Technology Risk team is also responsible for ensuring the firm understands technology risk and the impact it can have on the firm, its reputation, and potential business opportunities.

This individual contributor role provides a unique opportunity to work with a team of diverse and talented technology professionals to build out and govern the technology risk program. Reporting to the Executive Director of Technology Risk, this position is responsible for supporting risk identification and management, updating of IT policies and procedures, risk assessment and reporting, IT third party due diligence, external audits deliverable tracking, and assisting in the development of materials for executive presentations.

Location: NYC

The person in this role will aid in the execution of a broad array of duties that include:

• Lead and maintain IT third party / vendor risk management process by conducting vendor due diligence and risk analysis, maintenance of vendor risk assessment reports, collaborate with IT team to provide responses to client security questionnaires and RFIs, and keeping associated it policy and process documents up to date.
• Partner with the IT team leads to ensure IT vendor invoices and contracts align with IT budget. Work with the team to make any necessary corrections and submit contacts/invoices for approval, and track through the lifecycle to ensure timely completion and approval.
• Own IT quarterly metric dashboard reporting for support tickets, assets, change management, and other metrics as needed.
• Manage and maintain IT policies and procedures. Identify and resolve inconsistencies between policies, procedures, and regulatory expectations; and manage document updates as needed.
• Lead audit evidence gathering and remediation activities for any IT audit and control findings as they relate to technology risk and IT controls compliance.
• Ensure key risks, trends, issues, and watch items are brought forward into clear management summaries, progress reports and executive presentations.
• Identify and manage risks, gaps, and opportunities for improvement, and reporting of findings in a simple but compelling way.
• Provide the IT team with tracking of program and project deliverables as needed.
• Engage with leaders from the Business, HR, Legal, Compliance and Finance to understand and meet their technology needs.

Qualifications:

• Minimum of 7 years of experience in the Financial Services industry, preferably in technology risk management
• Bachelor’s Degree in Information Management or related field. MS or MBA a plus
• Vendor risk management experience a strong plus.
• Technology audit, risk and control experience in a regulated environment a strong plus.
• Ability to produce and maintain clear and concise documentation and reports, specifically developing/updating IT policies and procedures, risk assessment reports and presentations.
• Excellent analytical skills with high attention to detail and accuracy.
• Highly disciplined with ability to work with limited supervision and make independent decisions.
• Proficiency with Microsoft Office /O365, collaboration tools such as Teams, SharePoint, and Zoom.
• Demonstrate a high level of professionalism, self-motivation and sense of urgency with ability to multitask and prioritize while delivering high quality results.
• Strong ability to understand complex technical concepts and translate them into concise, digestible summaries for executive management, business partners and the user community for consumption and understanding.
• Good interpersonal communication skills with experience and confidence in collaborating with internal and external partners and stakeholders to develop productive relationships and achieve positive outcomes.
• Ability to learn quickly with a wiliness to take ownership for new projects and learning new technologies and methodologies to support the team.
• Ability to anticipate and identify risks to support the implementation of effective mitigation plans.
• Advanced Excel and PowerPoint skills; Macros and charting a strong plus.
• Experienced with metric collection and presentation, data analytics and reconciliation, business analysis and process improvement a plus.

The annualized base salary for this position is $110,000 - $140,000.

The annualized base salary range represents low and high ends of the base pay range for this position. The specific base salary an employee in this job classification receives depends on a number of factors, including but not limited to, geographic work location, prior employment history/experience, job-related knowledge, qualifications and skills, etc.

Base pay is just one component of PWP’s total compensation package that may be available to employees. Depending on the position and other factors, other rewards may also include discretionary bonuses, Restricted Stock Units (RSUs), paid time off, and many other benefits, subject to applicable eligibility criteria and Firm policies.