Governance Frameworks

Risk & Governance Lead – AI & Data Governance | $150K–$165K | McLean, VA / Plano, TX / NYC (Hybrid)

Risk & Governance Lead – Investments & Capital Markets (AI & Data Governance)

📍 Location: Hybrid – 3 days onsite in McLean, VA, Plano, TX, or New York, NY
💼 Employment Type: Full-Time | Mid-Senior Level
💲 Salary Range: $150,000 – $165,000 USD (eligible for annual incentive program)
🎁 Benefits: Comprehensive total rewards package, health coverage, retirement plan, paid time off, and professional development opportunities
🚚 Relocation: Not available
🛂 Visa Sponsorship: Not available
✈️ Travel: None

Shape the Future of AI Risk & Data Governance

Are you passionate about safeguarding the responsible use of AI and ensuring the integrity of critical financial data? This is your opportunity to step into a high-impact leadership role at the intersection of risk management, data governance, and emerging technology.

As the Risk & Governance Lead for Investments & Capital Markets, you will champion data security and compliance for AI-driven models, working closely with senior leaders, technology teams, and compliance experts. Your mission: build a governance framework that balances innovation with regulatory rigor—ensuring AI and data assets are managed ethically, securely, and strategically.

Your Impact

  • Partner Across the Enterprise – Work with legal, technical, and business teams to identify model data risks and influence decision-making

  • Drive Risk Assessments – Evaluate and mitigate risks in divisional data management and AI initiatives

  • Develop & Enforce Policies – Shape governance standards for model data in line with industry regulations and best practices

  • Champion Ethical AI – Advocate for transparency, fairness, and accountability in AI model design and use

  • Enhance Security – Collaborate with InfoSec teams to address vulnerabilities in model data management

  • Ensure Compliance – Oversee adherence to AI and data governance policies, providing guidance and oversight

  • Build Awareness – Lead training programs on AI ethics, data management, and risk best practices

  • Measure What Matters – Create KPIs, KRIs, and reporting frameworks to track governance effectiveness

What You Bring

  • Bachelor’s degree (or equivalent experience)

  • 8+ years in relevant fields, including at least 6 years in operational risk management, compliance, or technology risk

  • Strong understanding of data management best practices and AI technologies (machine learning, NLP, large language models, computer vision)

  • Knowledge of regulations such as GDPR, CCPA, and industry standards (e.g., IEEE, NIST, ISO/IEC)

  • Proven ability to build and maintain cross-functional relationships

  • Exceptional communication skills—able to bridge technical and business audiences

Preferred:

  • 2–5 years of leadership experience

  • Experience with model risk management in financial services

  • Familiarity with housing finance or capital markets

Why This Role?

  • 💡 High-Impact Work – Influence AI governance across a major financial institution

  • 🌐 Cross-Functional Exposure – Collaborate with leaders across legal, compliance, risk, and technology

  • 📈 Career Development – Access to training, mentorship, and advancement opportunities

  • 🏦 Mission-Driven Organization – Be part of a team making housing more accessible and affordable nationwide

The Ideal Candidate

You’re a risk leader with a passion for AI governance, a deep understanding of data security frameworks, and the ability to balance compliance with innovation. You think strategically, act decisively, and know how to turn complex governance requirements into actionable, enterprise-wide practices.

 

Technology Risk Solutions Manager - Overland Park, KS or Frisco, TX - Pay Range: $95,300 - $171,900 (base pay) Corporate Bonus Target: 15%

Technology Risk Solutions Manager
Overland Park, KS or Frisco, TX

The Technology Risk Solutions Manager is an individual contributor role within the Financial Processes and Controls team. This position is responsible for evaluating SOX and operational IT risks for organizational products and facilitating the design and implementation of technical IT controls (including IT General Controls and IT automated controls) as well as business controls to mitigate these risks. We are looking for an experienced professional to help mature the company's risk landscape, including risk governance, risk assessments for enterprise initiatives, and ongoing monitoring and reporting. The role involves collaboration with cross-functional teams, including IT, Finance, and Audit, to assess risks, develop effective control solutions, and facilitate remediation of control gaps.

Responsibilities:

Risk Management Strategy and Assessment

  • Identify and assess SOX and operational IT risks within complex IT and business processes, developing strategies to mitigate those risks.

  • Partner with IT and business leaders to design and implement IT General Controls (ITGCs), IT automated controls, and business controls to address critical risks.

  • Develop and implement comprehensive technology risk and control governance frameworks and standards, ensuring alignment with industry best practices and regulatory requirements.

  • Facilitate remediation of control deficiencies and gaps, providing leadership and guidance throughout the remediation lifecycle.

  • Evaluate SOC1/SOC 2 reports for third-party applications and assist in designing and implementing Complementary User Entity Controls (CUEC).

  • Monitor changes in regulatory requirements and emerging technologies, providing guidance on their impact on the IT and business control environment.

  • Train IT and business teams on the enterprise risk framework and standards.

  • Prepare risk reporting for review by business and IT leadership.

Project Management

  • Support the delivery of technology risk solutions within business processes by managing the product risk management lifecycle.

  • Manage the execution of control development, design, and testing activities, including coordination with internal and external auditors for new technologies.

  • Collaborate with cross-functional teams to identify control objectives, control activities, and control owners to mitigate IT risks.

  • Work with IT development teams to ensure that IT controls are integrated into system development life cycle (SDLC) processes.

Relationship and People Management

  • Work closely with IT and business teams to assess and monitor the effectiveness of IT and business controls, recommending enhancements where necessary.

  • Provide training and coaching to junior team members to support their understanding of the technology and business risk assessment process.

  • Manage relationships with business, IT, and audit stakeholders on large and complex cross-domain initiatives.

Qualifications:

Education:

  • Bachelor’s degree in Information Systems, Information Technology, Accounting, Auditing, or a related field (required).

  • Advanced degree or relevant certifications (e.g., CISA, CISSP) are a plus.

Work Experience:

  • 4-7 years of experience in IT governance, risk, and compliance with a specific focus on SOX and operational risk management (required).

Knowledge, Skills, and Abilities:

  • Proficiency in assessing IT and business SOX and operational risks and implementing effective control solutions (required).

  • Strong knowledge of IT General Controls (ITGCs), IT automated controls, and business controls, including their application in financial reporting and operational processes. Familiarity with how applications, operating systems, and databases work to implement ITGCs in logical access, change management, and computer operations (required).

  • Excellent communication and collaboration skills, with the ability to influence stakeholders at various levels of the organization (required).

  • Strong analytical and problem-solving abilities, with keen attention to detail (required).

  • Ability to adapt to a dynamic and fast-paced environment and manage multiple priorities with urgency (required).

  • Knowledge of industry frameworks and standards, such as COBIT and ISO 27001 (preferred).

  • Experience with ongoing risk monitoring, reporting, and technology enablement tools (e.g., GRC platforms like Archer or ServiceNow) (preferred).

  • Understanding of cloud technologies and associated risks and controls (preferred).

  • Experience with agile SDLC methodologies, ERP systems, or DevOps tools (preferred).

Additional Requirements:

  • Must be at least 18 years old.

  • Legally authorized to work in the United States.

Travel Requirements:

  • Travel required: No

Position Classification:

  • DOT regulated position: No

  • Safety-sensitive position: No

Compensation:

Pay Range: $95,300 - $171,900 (base pay)
Corporate Bonus Target: 15%

Actual pay will depend on various factors, such as location, qualifications, and experience, with starting pay falling within the provided range. Employees in eligible roles may also receive an annual bonus based on individual and/or company performance.

Benefits:

Our benefits exemplify our commitment to supporting every team member. Full- and part-time employees enjoy access to comprehensive benefits, including:

  • Medical, dental, and vision insurance.

  • Flexible spending accounts.

  • 401(k) plan with matching.

  • Employee stock grants and purchase plans.

  • Paid time off, including up to 12 paid holidays (approximately four weeks annually for new full-time employees and 2.5 weeks for part-time employees).

  • Paid parental and family leave.

  • Family-building benefits and childcare support.

  • Tuition assistance and college coaching.

  • Short- and long-term disability coverage.

  • Voluntary insurance options (life, AD&D, accident, and long-term care).

  • Mobile service and home internet discounts.

  • Access to commuter and transit programs.

Professional Growth:

We are committed to fostering a workplace culture that promotes career growth. Employees have access to a wide range of opportunities to develop their skills and advance in their careers. By applying for this role, you are taking the next step toward achieving your career goals with an organization that values your potential.

Equal Opportunity Employer:

Our organization is an Equal Opportunity Employer. Employment decisions are made without regard to age, race, ethnicity, color, religion, creed, sex, sexual orientation, gender identity or expression, national origin, marital status, citizenship status, veteran status, disability, or any other status protected by law. Discrimination, retaliation, or harassment based on any of these factors will not be tolerated.

If you require reasonable accommodation during the application or interview process, please let us know.