Cgeit Jobs (NOW HIRING)

CGEIT Behavioral Competencies: * Collaborates * Communicates Effectively * Customer Focus * Decision Quality * Nimble Learning Technical Skills: * Insurance Industry Knowledge * Regulatory ...

Cybersecurity Task Lead

Linthicum, MD

$109K - $148K/yr

Relevant certifications such as CISSP, CISM, PMP, ITIL, or CGEIT * Minimum 5 years of IT leadership experience with demonstrated accountability for the effective implementation of enterprise-wide ...

Network Security Engineer

Palo Alto, CA · On-site

$180K - $440K/yr

Certifications like CISA, CRISC, CGEIT, Security+, CASP+, or similar preferred. * Strong understanding of network security principles, protocols (e.g., TCP/IP, VLANs, ACLs), and best practices for ...

Cgeit information

What are the key skills and qualifications needed to thrive as a CGEIT (Certified in the Governance of Enterprise IT) professional, and why are they important?

To thrive as a CGEIT professional, you need expertise in IT governance frameworks, risk management, and strategic alignment of IT with business goals, typically supported by the CGEIT certification. Familiarity with tools like COBIT, ITIL, and enterprise risk management systems is often required. Strong leadership, analytical thinking, and communication skills help drive effective governance and stakeholder engagement. These skills ensure organizations maximize value from IT investments while maintaining compliance and managing risk.

What is CGEIT?

CGEIT stands for Certified in the Governance of Enterprise IT. It is a globally recognized certification offered by ISACA for professionals who manage, provide advisory, or assure IT governance in organizations. Earning the CGEIT demonstrates expertise in aligning IT with business goals, managing IT resources, and evaluating IT risk. The certification is especially valued by IT managers, directors, and executives seeking to validate their skills in IT governance. To achieve CGEIT, candidates must pass an exam and meet specific work experience requirements.

What is the difference between Cgeit vs Cisa?

Aspect | Cgeit | Cisa
Certifications | Certified in the Governance of Enterprise IT (Cgeit) | Certified Information Systems Auditor (Cisa)
Work Environment | Focuses on IT governance, risk management, and strategic alignment | Centers on auditing, control, and security of information systems
Industry Usage | Used by professionals managing enterprise IT governance | Used by auditors and security professionals assessing information systems

While both Cgeit and Cisa certifications relate to information technology, Cgeit emphasizes IT governance and strategic management, whereas Cisa focuses on auditing and security controls. Professionals often pursue Cgeit for leadership roles in IT governance and Cisa for auditing and compliance positions, making each suited to different career paths within the IT industry.

What are some typical challenges faced by CGEIT-certified professionals when aligning IT governance with business objectives?

CGEIT-certified professionals often encounter challenges in bridging the gap between IT and business strategies, especially in organizations where communication between departments is limited. They must ensure that IT initiatives are not only compliant with governance frameworks but also directly support organizational goals. Balancing risk management, regulatory requirements, and the need for innovation requires strong stakeholder engagement and ongoing evaluation of IT processes. Success in this role involves fostering collaboration across business units and consistently demonstrating the value of IT governance to executive leadership.
More about Cgeit jobs
What states have the most Cgeit jobs? States with the most job openings for Cgeit jobs include:
Infographic showing various Cgeit job openings in the United States as of June 2026, with employment types broken down into 95% Full Time, 1% Part Time, 1% Temporary, and 3% Contract. Highlights a 79% Physical, 15% Hybrid, and 6% Remote job distribution.
Director-Tech Risk & Control (Software Development & Enterprise Architecture)

American Express

New York, NY

Full-time

Posted 11 days ago


American Express rating

Company rating: 8.5 out of 10

Based on 35 frontline employees who took The Breakroom Quiz

25th of 146 rated financial services


Job description

At American Express, our culture is built on a 175-year history of innovation, shared values and Leadership Behaviors, and an unwavering commitment to back our customers, communities, and colleagues. From delivering differentiated products to providing world-class customer service, we operate with a strong risk mindset, ensuring we continue to uphold our brand promise of trust, security, and service.

As part of Team Amex, you'll experience this powerful backing with comprehensive support for your holistic well-being and many opportunities to learn new skills, develop as a leader, and grow your career. Here, your voice and ideas matter, your work makes an impact, and together, you will help us define the future of American Express.

Joining ETS Governance & Control means helping protect American Express customers and company through integrated, intelligence-driven technology risk and control management. Operating at the intersection of technology, governance, and risk, the team partners across the enterprise to modernize the foundation, advance risk intelligence, demonstrate trust at scale, and reduce material risk, enabling innovation with the right controls in place.

By building simplified, consistent frameworks and embedding continuous assurance, ETS Governance & Control enhances transparency, accountability, and sustainable risk reduction. The work is about empowering confident decisions, accelerating responsible delivery, and ensuring controls evolve with the business to strengthen trust and reduce enterprise risk at scale.

Role Overview

The Director, Technology Risk and Control (Software Development & Enterprise Architecture) is a senior leader within the Technology Governance & Control organization, accountable for risk advisory, governance, and control oversight across secure software development, engineering practices, enterprise architecture, and emerging technology domains.

This role partners with leaders across Technology, Engineering, Enterprise Architecture, Cybersecurity, Product, and Operational Risk to ensure technology risks are identified, assessed, governed, and mitigated through a robust Risk and Control Self-Assessment (RCSA) framework.

The successful candidate will bring deep expertise in technology risk management, software engineering and enterprise architecture practices, and governance of AI/ML and other emerging technology solutions within large, complex, and highly regulated environments.

  • Bachelor's degree in information technology, information security, risk management, business, or a related discipline and/or equivalent experience required.
  • 10+ years of experience in technology risk management, operational risk, IT audit, software engineering, enterprise architecture, cybersecurity, or closely related fields.
  • 5+ years of leadership experience in risk, controls, governance, and technology functions.
  • Demonstrated experience leading RCSA programs and technology risk assessments in large, complex organizations.
  • Strong understanding of software development methodologies, cloud environments, and enterprise architecture practices.
  • Proven ability to influence senior executives and provide effective challenge on strategic technology decisions.
  • Strong analytical and problem-solving skills, with the ability to translate complex technical and regulatory concepts into clear risk insights.
  • Exceptional executive communication, stakeholder management, and presentation skills.

Preferred Qualifications

  • Experience leading technology risk governance across software development, SDLC, engineering, architecture, and emerging technology domains.
  • Experience supporting regulatory examinations and internal or external audits.
  • Professional certifications such as CISA, CISSP, CRISC, CISM, CGEIT, or equivalent.
  • Advanced degree in information security, risk management, business, or a related discipline.
  • IT/IS background - SDLC or Architecture is a plus

Risk Advisory Leadership

  • Serve as the accountable risk and control lead for software development and enterprise architecture domains.
  • Provide strategic risk advisory and credible challenge to senior technology leaders on risk identification, mitigation, and acceptance decisions.
  • Lead RCSA execution across the domain, including risk identification, control assessment, and residual risk evaluation.
  • Maintain risk profiles, taxonomies, and control inventories that support consistent oversight across engineering and architecture functions.
  • Drive quality and consistency in assessments, issue management, remediation, and reporting across the domain.

Technology Risk Assessment

  • Oversee risk assessments related to software delivery, engineering practices, application architecture, third-party integrations, and platform dependencies.
  • Support assessment of control design and operating effectiveness, and recommend enhancements where needed.
  • Advise leadership on the risk implications of technology strategy, architectural decisions, and transformation programs.

AI and Emerging Technology Risk Advisory

  • Provide risk advisory for AI/ML and emerging technology solutions, including AI use in software development such as code generation, test automation, documentation, and engineering workflow support.
  • Assess risks related to AI-assisted software development, including code quality, insecure code generation, data leakage, prompt and input handling, model provenance, third-party tools, lifecycle governance, explainability, privacy, regulatory compliance, and AI security.
  • Partner with engineering and enterprise architecture teams to embed risk-by-design principles, human review, approval controls, and secure development practices into AI-enabled software delivery processes.
  • Advise on governance frameworks, control standards, and auditability requirements that support the responsible use of AI in software development and broader enterprise adoption at scale.

Governance, Reporting, and Regulatory Engagement

  • Lead the preparation and presentation of risk insights, emerging themes, and recommendations for senior leadership and governance forums.
  • Develop meaningful risk metrics, key risk indicators, and management reporting to support informed decision-making.
  • Support internal audits, regulatory examinations, and external assessments with clear, well-structured risk and control narratives.
  • Ensure alignment with enterprise risk frameworks, policies, standards, and regulatory expectations.

Stakeholder Management

  • Build strong partnerships across Engineering, Architecture, Cybersecurity, Data, Product, Compliance, and Operational Risk.
  • Influence senior leaders and promote risk-informed decision-making across strategic initiatives.
  • Act as a trusted advisor on technology risk, governance, and transformation priorities.

Team Leadership

  • Lead and develop risk professionals supporting technology risk and control activities.
  • Foster a culture of accountability, continuous improvement, and strong risk awareness.
  • Build team capability through coaching, development planning, and succession management.
