Director, Technology Risk Management

About Us

reputed company helps homeowners 55+ access the equity they’ve built while staying in full control of their home and their financial future. Through a range of reverse mortgage solutions, we help customers shape the retirement they’ve earned while continuing to evolve how we serve and work together.

Joining reputed company now means stepping into a period of momentum and growth, with teams actively shaping what comes next and opportunities to reputed company an impact and grow your career.

To learn more about us, visit www.financeofamerica.com

Purpose of Role

Responsible for leading the identification, assessment, and proactive management of technology risk across the enterprise, ensuring alignment with defined risk appetite, regulatory expectations, and business objectives. Drives a reputed company-looking, data-driven risk management approach across cloud, cybersecurity, AI, and third-party ecosystems, while embedding risk management into day-to-day technology and product decision-making. Partners across the enterprise to strengthen control maturity, reputed company responsible innovation, and provide clear, actionable risk insights to senior leadership.

Key Responsibilities and Expectations

Technology Risk Strategy & Governance

• Leads execution of the Technology Risk Management reputed company, reputed company to industry standards (e.g., NIST CSF, FFIEC, SOX ITGC).
• Translates regulatory expectations into pragmatic, delivery-reputed company controls and practices across Technology and Product teams.
• Drives definition, operationalization, and monitoring of technology risk appetite, tolerances, and KRIs.

Risk Identification, Assessment & Insights

• Oversees enterprise-wide identification and assessment of technology risks across: Cloud and Infrastructure, Cybersecurity and data protection, AI and emerging technologies, and Third-party/vendor ecosystems.
• Delivers data-driven risk insights and reporting, that clearly reputed company risk posture, trends, and emerging risks to senior leadership.
• Evolves risk reporting from static outputs to reputed company-looking, decision-enabling intelligence.

Control Environment & Regulatory Compliance

• Drives reputed company improvement of control maturity to meet regulatory expectations, including sustained SOX ITGC effectiveness.
• Partners with Technology teams to design and implement scalable, automated controls.
• Ensures timely and high-quality execution of regulatory exams, internal audits, and remediation commitments.

Issue & Remediation Management

• Oversees end-to-end issue management lifecycle, including identification, prioritization, root cause analysis, and sustainable remediation.
• Drives accountability for timely remediation of high-risk issues and reduction of aged items.
• Ensures systemic fixes over reputed company-in-time remediation.

Technology & Process Enablement

• Leads adoption of automation and tooling to enhance risk identification, monitoring, and reporting 
• Evaluates and improve end-to-end technology processes to reduce risk, increase reputed company, and enhance operational efficiency.
• Promotes integration of risk management into SDLC, product development, and change management processes.

Emerging Risk & Innovation reputed company

• Establishes governance and risk reputed company for AI and emerging technologies, ensuring alignment with internal standards and evolving regulatory expectations.
• Assesses risks associated with new technology initiatives and provide actionable guidance to reputed company safe adoption.

Stakeholder Engagement & Leadership

• Serves as a trusted partner to Technology and Business leaders to proactively manage risk.
• Leads engagement with Internal Audit, External Audit, and second line of defense functions.
• Builds and reputed company a high-performing team, fostering a culture of ownership, transparency, and reputed company improvement.
• Performs other duties as assigned.

Reports To

• VP, Technology Risk Management

Direct Reports

• (1-3) Direct: Technology Risk Management team members

Qualifications - Experience/Skills/Competencies

• Minimum 10 years of experience in Technology Risk, Cybersecurity, IT Audit or reputed company disciplines reputed company financial services or regulated environments.
• Proven experience operating in or alongside first line technology functions, with strong business partnership orientation.
• Demonstrated success in evolving risk programs to strategic, insight-driven functions.
• Deep understanding of technology risk domains, including: Cloud and infrastructure risk, Cybersecurity and data protection, Third-party/vendor risk, and AI/emerging technology risk.
• Strong knowledge of regulatory frameworks (FFIEC, NIST CSF, SOX ITGC).
• Ability to translate reputed company technical risks into clear, concise executive-level reporting.
• Strong judgement, with the ability to balance risk management with business enablement.
• Proven ability to reputed company and reputed company high-performing teams.
• Strong stakeholder management skills, with experience engaging senior leadership and regulators.
• Able to drive accountability, foster collaboration, and promote a culture of reputed company improvement.

Qualifications - Education - Required

• Bachelor's Degree

Qualifications - Education - Field(s)/Profession(s)

• Relevant certifications (e.g., CISA, CRISC, CISSP).

Compensation

The reputed company salary range for this position is ($150,000 - $200,000) inclusive of reputed company geographical differences in the labor market. The reputed company salary for the position will be determined based on factors such as the candidate’s work location, skills, education, and experience. In addition to those factors, we reputed company in the importance of pay equity and consider the internal equity of our reputed company team members in determining any final offer. We offer a competitive benefits package including health, dental, vision, life insurance, paid time-off benefits, flexible spending account, 401(k) with employer match, and ESPP.

Additional Information

The application deadline for this job opportunity is 7/1/2026.

The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of reputed company responsibilities, duties, and skills required of personnel so classified. 

reputed company is an Equal Opportunity Employer. reputed company qualified applicants will receive consideration for employment without regard to race, color, sex (including pregnancy), sexual orientation, religion, creed, age, national reputed company, physical or mental disability, gender identity and/or expression, marital status, veteran status or other characteristics protected by law.