Jobs · Information Technology

Lead, IT Risk

Gemini · New York, NY · 4 days ago
RemoteRemoteInformation Technology$99k–$142k/yrFull-time

Responsibilities

  • Risk Assessment & Monitoring
    • Execute the IT Risk Management Framework, including risk identification, analysis, and reporting.
    • Conduct annual IT risk assessments, including RCSAs, targeted risk reviews, and new product/key initiative assessments.
    • Maintain the IT risk register; ensure timely updates and accurate reporting of exposures.
    • Perform post-mortem risk reviews for critical incidents and support operational loss reviews with ORM.
  • Governance & Frameworks
    • Assist the Head of IT Risk in maintaining risk policies, standards, and procedures that align with Gemini’s enterprise risk management program and regulatory expectations (NYDFS, DFS, OCC, CFTC).
    • Coordinate with Technology and Security teams to ensure policies and controls are properly implemented and followed.
    • Help prepare materials for risk committees, regulators, and senior leadership.
  • Controls & Testing
    • Partner with Internal Audit, IT, Security, and BCM to assess design and operating effectiveness of IT and cyber controls.
    • Support control testing for internal/external audits, RCSAs, and regulatory examinations.
    • Track remediation and validate closure of issues using GRC tool(s).
  • Collaboration & Stakeholder Management
    • Serve as a liaison between IT Risk and other functional areas, facilitating risk awareness and control adoption.
    • Provide guidance to IT teams on risk and control considerations for new projects, initiatives, and system changes.
    • Contribute to risk awareness training and initiatives across the organization.
  • Reporting & Metrics
    • Aid in the development of periodic risk dashboards and key risk indicators (KRIs).
    • Support the Head of IT Risk in communicating IT risk posture to senior leadership.
    • Support development of IT & Security dashboards; ensure metric accuracy and timely updates.
  • Business Continuity & Resilience
    • Execute and maintain the Business Continuity Management (BCM) program, including governance artifacts, testing, audits, and issue remediation.
    • Assess and manage business continuity risks, including people dependencies, facilities, physical security, and third-party operational resilience.
    • Drive crisis response and regulatory notifications (e.g., NYDFS), including escalation, documentation, and external stakeholder coordination.
    • Validate vendor BCM compliance and define and monitor business impact thresholds (RTOs, RPOs, tolerances), supporting ongoing impact assessments and reporting.

    Qualifications

    • Bachelor’s or advanced degree in Information Security, Risk Management, or related field.
    • 8+ years of experience in IT internal audit, IT risk management, or related roles in highly regulated industries with strong knowledge of IT risk, cybersecurity, operational risk, and third-party/vendor risk.
    • Proven experience in implementing risk management frameworks, control testing, and data governance.
    • Familiarity with regulatory requirements (NYDFS, SOC2, PCI DSS).
    • Excellent communication and stakeholder engagement skills.

    Preferred Qualifications

    • Previous experience working at a digital asset institution.
    • At least one relevant industry certification (e.g., CISSP, CISM, CRISC, CISA).
    • Experience with GRC tools (e.g., AuditBoard, Archer).
    • Strong executive presence with ability to drive enterprise-wide alignment.

Similar jobs

Risk Lead

MaceWashington, United States· 2 wk ago
Managementapply on careers.macegroup.com

Risk Lead

TCWLos Angeles, CA· 1 wk ago
Finance$200k–$250k/yrapply on careers-tcw.icims.com

Risk Lead

MaceIndianapolis, IN· 2 wk ago
Managementapply on careers.macegroup.com

Lead Safety

Ervin Cable Construction LLCConway, AR· 1 mo ago
Manufacturingapply on dycomind.jobs.hr.cloud.sap