What are the responsibilities and job description for the Director of Risk Management position at Gravity IT Resources?
Director, Technology Risk Management
Remote · U.S. Based · $150K–$200K Base
Most Director-level risk roles ask you to pick a lane. This one doesn’t.
We’re conducting a confidential search for a Director of Technology Risk Management on behalf of a well-capitalized financial services organization. Financial services or fintech experience is a hard requirement for this role — the risk profile of this industry is distinct, and the team needs someone who already understands it. This role was created to share director-level responsibilities and bring senior leadership depth to a lean, high-performing team — someone who can operate at the strategic level while staying genuinely connected to the technical work.
If you’ve spent your career bouncing between cybersecurity, cloud, AI risk, and vendor management — and you’re tired of being told that’s a liability rather than a strength — keep reading.
What You’ll Own
- Lead technology risk management across the full enterprise — security, BCP/DR, regulatory assessments, internal audits, and vendor/third-party risk
- Own strategic planning and future-facing risk decisions while overseeing operational delivery across SOC and non-SOC functions
- Drive the organization’s AI risk program — evaluating AI solutions, managing vendor risk introduced by AI tools, and building governance frameworks that hold up under scrutiny
- Collaborate closely with a peer director and report directly to senior leadership including the CIO
- Build and lead a small, flexible team across both SOC and non-SOC functions
Where You’ll Spend Your Time
This isn’t a pure strategy role — you’ll be hands-on:
- ~50% cybersecurity infrastructure — SOC oversight, vulnerability management, cloud security
- ~25–30% AI-related risk work — program buildout, vendor evaluation, emerging risk
- Remainder across third-party risk, regulatory work, strategic planning, and team development
What We’re Looking For
- 10 years of experience across technology risk, cybersecurity, or related disciplines
- Recent tenure at Senior Manager or Director level — you’ve led teams, not just contributed to them
- Deep hands-on cloud security experience — AWS is the primary environment (~90%), Azure secondary
- SOC experience and vulnerability management expertise are core requirements
- Demonstrated ability to assess and manage AI-related risk — proprietary LLM experience not required
- Third-party and vendor risk management experience; Workday familiarity is a plus, not a requirement
- Financial services or fintech background required — candidates without industry experience will not be considered; Fortune 50 or big-bank backgrounds welcome
- Breadth over depth — we’re looking for someone who has worn multiple hats, not a narrow specialist
- Certifications (CISSP, CSA, CVSS, or similar) helpful but not required if experience speaks for itself
The Role in Practice
- Remote — open to most U.S. states; East Coast hours overlap expected (available by 7/8:00 AM ET)
- Base salary $150K–$200K; candidates above $200K considered but lower probability
- Unlimited PTO with expectation of responsible use
- Interview process: screening → technical interviews → final round with hiring manager and CIO; case study/presentation required at one stage
- Team wants to hire quickly but will wait for the right person — the bar is high
Interested or know someone who fits?
Apply directly or reach out to the Gravity IT Resources team. Confidentiality respected throughout the process.
Salary: $150,000 - $200,000