About Our Company
We’re a diversified financial services leader with more than $1.5 trillion in assets under management, administration and advisement as of year-end 2024. Our team of 22,000 people across 19 countries, serves more than 3.5 million individual, small business and institutional clients. We are a longstanding leader in financial planning and advice, a global asset manager and an insurer.
Our unwavering focus on our clients and strong financial foundation connects each of our unique businesses – Ameriprise Financial, Columbia Threadneedle Investments and RiverSource Insurance and Annuities. Here, we foster meaningful careers, invest in the future, and make a difference for clients, institutions and communities around the world.
Job Description
Within the Technology Risk Office (TRO), the Technology Risk Manager will execute and monitor the Technology operating model to ensure it reliably meets enterprise information technology needs and applicable regulatory expectations. This role partners closely with Technology, Business, Risk, Compliance, and Audit teams to implement and sustain an integrated risk management framework that drives strong technology performance while meeting governance, control, and compliance requirements.
The role operates within the First Line of Defense and is accountable for embedding risk management practices into day-to-day technology activities, supporting operational resilience, regulatory readiness, and sound risk decision making.
Key Responsibilities
- Execute and maintain the Technology operating model in alignment with enterprise Operational Risk Management (ORM) minimum standards and regulatory expectations, partnering with Technology leaders and business stakeholders to deploy, manage, and govern the Technology Risk Management Program, including Governance and Oversight, RCSA, Risk Events, Risk of Change, and Operational Soundness activities (process reviews and control testing).
- Promote effective risk identification, assessment, mitigation, and monitoring across Technology processes.
- Engage with Technology, Risk, Compliance, and Audit partners to ensure risks are transparently communicated and appropriately managed.
- Support and participate, under the direction of senior Technology Risk leadership, in regulatory examinations and ongoing supervisory engagement, including:
- Federal Reserve quarterly meetings
- FINRA and SEC readiness assessments
- Coordinate and support responses to Internal Audit reviews and industry audits, including, SOC 2, ISAE, and similar assessments.
- Track and report on Technology risk issues, remediation plans, and control effectiveness using established governance and reporting forums.
- Contribute to continuous improvement of risk processes, tooling, and operating practices within the Technology organization.
- Build strong working relationships with Technology teams by explaining risk and control expectations in clear, practical terms and helping them achieve high‑quality outcomes.
- Look for practical ways to improve how risk work gets done, including clearer documentation, better use of tools, and more efficient reporting.
- This is an individual contributor role with responsibility for owning and delivering assigned risk activities.
Required Qualifications
- Experience in public accounting, consulting or internal audit.
- Broad information technology experience.
- Relevant experience in technology risk, operational risk, IT controls, or related fields.
- Strong understanding of controls within a technology environment, including design and operational effectiveness.
Preferred Qualifications
- Proven ability to operate effectively in ambiguous, dynamic, and evolving environments.
- Demonstrated ability to manage multiple priorities, meet deadlines, and balance competing demands.
- Experience building and sustaining collaborative relationships across diverse stakeholder groups.
- High attention to detail with strong organizational skills.
- Solid analytical, critical thinking, and decision‑making capabilities.
- Strong verbal and written communication skills, including the ability to communicate risk concepts to both technical and non‑technical audiences.
- Financial services experience strongly preferred, particularly within Asset Management, Brokerage, Insurance, or Annuities.
- Experience with ServiceNow IRM/GRC or similar risk management platforms.
- In depth knowledge of SOC2, SOX
- Knowledge of industry standard frameworks and regulatory guidance, such as:
- Regulatory bodies and guidance includin