Senior Technology Compliance Specialist
Role details
Job location
Tech stack
Job description
The Senior Technology Compliance Specialist supports the organization's technology governance and risk management program by conducting compliance assessments, evaluating the effectiveness of controls, and monitoring adherence to regulatory and internal requirements. They provide insights that strengthen technology controls, reduce risk exposure, and support continuous improvement across IT and cybersecurity processes.
What You'll Do
Lead Technology Compliance Review * Plan, perform technology and security compliance assessments aligned with regulatory, governance, and internal requirements. * Define engagement scope and objectives based on risk and compliance priorities. * Assess control design and operating effectiveness across IT, cybersecurity, and operational technology processes. * Document assessment procedures, evidence, conclusions, and recommendations. * Communicate results to stakeholders and support understanding of compliance expectations.
Conduct Compliance Testing & Control Evaluation * Execute risk-based testing across technology domains using established frameworks and standards. * Evaluate adherence to regulatory and policy requirements and identify control gaps. * Validate remediation evidence to confirm issue closure. * Maintain documentation that supports conclusions and demonstrates compliance with program requirements. * Track emerging risks and recommend enhancements to maintain compliance maturity.
Monitor Remediation & Issue Management * Collaborate with control owners to review corrective action plans and milestones. * Validate the design and effectiveness of implemented remediation activities. * Maintain accurate, up-to-date records of remediation progress. * Escalate overdue or high-risk issues to management when appropriate. * Provide guidance to ensure sustainable, long-term control improvements.
Other Duties as Assigned
- Other duties and responsibilities as assigned, which may include specific projects.
Participate in ongoing learning activities to maintain a current understanding of industry trends, management practices, and bank policies, procedures, and guidelines.
Requirements
- Bachelor's degree in Information Systems, Information Technology, or related field
- At least six (6) years of IT, cybersecurity, or information security compliance or related experience, preferably in financial institutions.
- Certifications: CISA, CISSP, or equivalent.
- Strong knowledge of technology and security governance frameworks.
- Ability to identify risks, evaluate controls, and interpret complex technical information.
- Skilled at developing practical recommendations for remediation.
- Strong written and verbal skills for creating reports and stakeholder discussions.
- Experience managing multiple reviews and meeting deadlines.
- High integrity and ability to maintain confidentiality.
