Position: Technology Risk Director (Archer)
Location: Dallas, TX (HYBRID)
About Paradigm Technology – Intelligence Amplified
Paradigm Technology is a strategic consulting firm that turns vision into tangible results. For over 30 years, we've helped Fortune 500 and high-growth organizations accelerate business outcomes across data, cloud, and AI. From strategy through execution, we empower clients to make smarter decisions, move faster, and maximize return on their technology investments. What sets us apart isn't just what we do, it's how we do it. Driven by a clear mission and values rooted in integrity, excellence, and collaboration, we deliver work that creates lasting impact. At Paradigm, your ideas are heard, your growth is prioritized, your contributions make a difference.
Summary:
- Looking for a Technology Risk Director-Enterprise Technology & Security (ETS) with Archer (formerly RSA Archer) experience
- The Director serves as a key advisor to senior leadership on technology risk matters, drives the maturation of the enterprise risk framework, and maintains strong relationships with regulators, audit, and governance bodies
- Looking for someone who has worked with Archer GRC but is also open to building AI options that could possibly replace Archer GRC
- Looking for a creative thinker
- Hands-on experience with Archer GRC is preferred
- This is a Contract-to-Hire opportunity
- This position is Onsite 4 days per week
Responsibilities:
- Lead and oversee the Technology Risk Management function, providing strategic direction to a team of risk professionals and fostering a culture of accountability, excellence, and continuous improvement
- Develop, implement, and continuously evolve a comprehensive technology risk management strategy and framework aligned with enterprise risk appetite, regulatory expectations, and industry best practices
- Oversee the identification, assessment, monitoring, and reporting of technology and security risks across systems, applications, infrastructure, and processes
- Serve as the primary executive liaison for regulatory examinations, internal audits, and supervisory engagements related to technology and security risk, ensuring effective coordination and high quality outcomes
- Define and maintain technology risk policies, standards, control libraries, and assessment methodologies to support consistent and scalable risk management practices
- Partner with senior technology leaders, business executives, compliance, audit, and governance teams to embed risk management into strategic planning and decision making
- Provide clear, actionable, executive level risk reporting and insights to the Risk Committees and senior management, translating complex risk landscapes into strategic guidance
- Oversee the portfolio of risk findings, regulatory commitments, and corrective action plans, driving timely, effective, and sustainable remediation
- Lead oversight of Third-Party Risk Management for the organization’s technology and security critical service provider relationships
- Monitor industry trends, emerging threats, and regulatory developments to proactively adjust the organization’s risk posture
- Champion a strong risk aware and risk informed culture across the technology organization through education, engagement, and communication
Team-Specific Requirements:
Cloud & Modern Engineering Platforms:
- Working knowledge of cloud services and architectures (AWS and Azure preferred), including shared responsibility models, identity and access management, and cloud native security controls
- Experience assessing risk in DevSecOps, CI/CD pipelines, containerized workloads (Docker/Kubernetes), and infrastructure as code environments
Infrastructure, Platform & Engineering Risk:
- Strong understanding of enterprise infrastructure platforms, including Windows, Linux (RHEL), virtualization (VMware), databases, middleware, and core network services
- Experience evaluating End of Life (EOL) / End of Support (EOS) risk, technical debt, and remediation prioritization across large engineering estates
Cybersecurity & Resilience:
- Hands-on familiarity with vulnerability management, platform hardening, secure configuration standards, and threat remediation prioritization
- Experience with technology resilience, including BCP/DR, cyber recovery, data protection, backup strategies, and resiliency testing
- Ability to translate engineering and cyber risks into business impact, service disruption, regulatory exposure, and customer risk
Risk Frameworks & Governance:
- Deep experience with enterprise technology risk management routines, including RCSAs, issue management, risk assessments, targeted reviews, and control testing
- Working knowledge of regulatory and risk frameworks relevant to financial institutions (FFIEC, NIST, ISO, COBIT, COSO, CRI)
- Proven ability to synthesize large volumes of technical risk data into clear, prioritized executive level insights
Risk, Issue, and Compliance