Enterprise Risk Leader

Job Description

We are looking for a dynamic and experienced ERM Leader to lead the IT Risk and Controls testing function within the Enterprise Risk Management (ERM) division. This is a senior leadership role responsible for overseeing the strategic execution of IT control assurance, regulatory compliance, and risk mitigation across enterprise-wide systems, infrastructure, and applications. The ideal candidate will have 18+ years of progressive experience in IT risk management, internal audit, or technology controls, with strong expertise in managing teams, working with senior stakeholders, and driving large-scale risk and control testing programs in regulated financial environments. Please share your cv at surbhi.malhotra@nlbtech.com Key Responsibilities: Leadership & Strategic Oversight Define and execute the IT control testing roadmap in alignment with ERM objectives and organizational risk appetite. Lead a team of IT control testers, ensuring delivery excellence, operational efficiency, and high-quality reporting. Serve as a key advisor to senior leadership on IT risk posture, control weaknesses, and mitigation strategies. Governance, Risk & Compliance (GRC) Oversight Own the testing and evaluation of IT General Controls (ITGCs), automated application controls, and cybersecurity-related controls across systems and infrastructure. Drive Risk and Control Self-Assessment (RCSA) initiatives for IT functions, ensuring proactive risk identification and effective remediation. Regulatory Compliance & Audit Management Ensure testing programs comply with regulatory standards such as SOX, FFIEC, OCC, NIST, ISO 27001, COBIT . Liaise with internal and external auditors, manage regulatory exams, and ensure timely remediation of audit findings. Stakeholder Engagement & Influence Collaborate with leaders across IT, Cybersecurity, Compliance, Legal, and Internal Audit to build consensus and drive risk-focused decisions. Present risk reports, control testing insights, and mitigation progress to executive leadership and governance committees. Innovation & Continuous Improvement Enhance control testing frameworks, automation, tools, and methodologies. Stay abreast of emerging risks (e.g., cloud, third-party, AI/ML, data privacy) and evolve the control testing approach accordingly. Key Qualifications: Education: Bachelor's degree in Information Technology, Computer Science, Risk Management, or related field (Masters preferred) Professional Certifications: CISA, CRISC, CISSP, CGEIT, or similar Experience: 18+ years in IT risk management, IT audit, or control testing, with at least 10+ years in a leadership level role Proven track record in managing large-scale testing programs and regulatory engagements Experience in BFSI, fintech, or other highly regulated sectors Technical & Domain Expertise: In-depth knowledge of ITGCs, application controls, cloud governance, SDLC, IAM, and infrastructure security Familiarity with leading GRC platforms such as Archer, MetricStream, ServiceNow GRC Strong data analysis capabilities using tools like Excel , Power BI , or Tableau Leadership & Soft Skills: Strong leadership and team management skills Strategic mindset with the ability to influence cross-functional stakeholders Excellent written and verbal communication, presentation, and executive reporting skills Preferred Attributes: Experience leading IT RCSA implementations and control automation initiatives Deep understanding of cloud technology risks, third-party risk management, and data privacy frameworks (e.g., GDPR, DPDP) Ability to manage multiple priorities in a fast-paced and regulated environment Please share your cv at surbhi.malhotra@nlbtech.com