1

Director Technology Risk Management Jobs in Washington

... Technology Risk * Create and maintain policies for how Blend360 uses AI, manages data, handles ... Risk Director vs. Sr. Security Engineer This role works closely with the Sr. Security Engineer ...

Support critical third-party vendor risk management activities * Develop, enhance, and maintain critical technology solutions to support corporate-wide AI adoptions * Execute risk mitigant processes ...

Support critical third-party vendor risk management activities * Develop, enhance, and maintain critical technology solutions to support corporate-wide AI adoptions * Execute risk mitigant processes ...

Technology & Data Risk Management (TDRM) is a small organization that packs a big punch. The ~200 ... the Board of Directors, as needed. * Stay current on emerging cyber threats and potential ...

The ideal candidate will have experience working with IT security controls, risk management practices, compliance frameworks, or audit activities and possess strong analytical and documentation ...

next page

Showing results 1-20

Director Technology Risk Management information

What does a Director of Technology Risk Management do?

A Director of Technology Risk Management is responsible for identifying, assessing, and mitigating technology-related risks within an organization. They develop and implement policies, frameworks, and strategies to ensure that IT systems and processes comply with regulatory requirements and best practices. Their work helps protect the company's data, assets, and reputation from threats such as cyberattacks, data breaches, and system failures. They also collaborate with other departments to promote a culture of risk awareness and provide guidance on risk-related matters.

How does a Director of Technology Risk Management typically collaborate with other departments to ensure effective risk mitigation?

A Director of Technology Risk Management works closely with IT, compliance, legal, and business operations teams to identify and address technology risks. This involves leading cross-functional risk assessments, facilitating communication between technical and non-technical stakeholders, and ensuring that risk mitigation strategies align with organizational goals. Regular meetings, workshops, and reporting structures are established to maintain transparency and drive a culture of risk awareness across departments. Effective collaboration is essential for implementing controls and responding proactively to emerging threats.

What are the key skills and qualifications needed to thrive as a Director of Technology Risk Management, and why are they important?

To excel as a Director of Technology Risk Management, a strong background in information security, risk assessment, regulatory compliance, and a relevant degree such as in computer science or information systems is essential. Familiarity with risk management frameworks (such as NIST, ISO 27001), GRC (Governance, Risk, and Compliance) platforms, and certifications like CISSP or CISM are commonly required. Leadership, strategic thinking, and effective communication skills are vital for driving risk initiatives and collaborating across business units. These competencies ensure robust risk mitigation, regulatory adherence, and alignment of technology strategies with organizational goals.

What is the difference between Director Technology Risk Management vs Cybersecurity Manager?

AspectDirector Technology Risk ManagementCybersecurity Manager
Primary FocusOverseeing technology risk strategies and enterprise risk mitigationManaging cybersecurity operations and security measures
CertificationsCRISC, CISSP, CISMCISSP, CISA, CEH
Work EnvironmentStrategic, cross-departmental, executive levelOperational, technical teams, security operations centers
Industry UsageFinancial, healthcare, large enterprisesIT security firms, corporate IT departments

The main difference is that the Director Technology Risk Management focuses on broad technology risk strategies across the organization, while the Cybersecurity Manager concentrates on implementing and managing cybersecurity measures. Both roles require similar certifications but differ in scope and strategic versus operational responsibilities.

What are the most commonly searched types of Technology Risk Management jobs in Washington? The most popular types of Technology Risk Management jobs in Washington are:
What are popular job titles related to Director Technology Risk Management jobs in Washington? For Director Technology Risk Management jobs in Washington, the most frequently searched job titles are:
What job categories do people searching Director Technology Risk Management jobs in Washington look for? The top searched job categories for Director Technology Risk Management jobs in Washington are:
What cities in Washington are hiring for Director Technology Risk Management jobs? Cities in Washington with the most Director Technology Risk Management job openings:
Global Director, Risk & Compliance

Global Director, Risk & Compliance

Blend360

Columbia, MD โ€ข On-site

Full-time

Posted 23 days ago


Job description

Company Description

Blend is a premier AI services provider, committed to co-creating meaningful impact for its clients through the power of data science, AI, technology, and people. With a mission to fuel bold visions, Blend tackles significant challenges by seamlessly aligning human expertise with artificial intelligence. The company is dedicated to unlocking value and fostering innovation for its clients by harnessing world-class people and data-driven strategy. We believe that the power of people and AI can have a meaningful impact on your world, creating more fulfilling work and projects for our people and clients. For more information, visitย www.blend360.com.

Job Description

We are looking for a Director, Global Risk & Compliance to establish and lead the firm's first centralized risk management and compliance function. This role will build the enterprise risk framework, develop and implement global policies (AI governance, data privacy, vendor risk management, ESG compliance), manage the corporate insurance program, and coordinate compliance execution across all regions.

This role will serve as the client-facing risk leader, engaging directly with enterprise clients on compliance questionnaires, security assessments, and risk governance. The role partners closely with the VP of IT and Sr. Security Engineer to ensure the enterprise risk framework reflects both business and technology dimensions.

This is a governance and framework role, not a technical security engineering role. The Director defines risk policy and requirements ("what" and "why"); the Sr. Security Engineer implements at the infrastructure level ("how"). The two roles operate as complements with a clear boundary.

Core Responsibilities

Risk Management & Oversight

  • Partner with executive leadership to define Blend360's risk appetite and tolerance thresholds; translate those into a practical risk management framework with clear escalation protocols across all the global enterprise.
  • Create and maintain a master risk register that tracks business, operational, regulatory, and technology risks; record who owns each risk, its likelihood and potential impact, and how we'll address it
  • Run annual risk reviews across all regions and business units; use the external Global Risk Assessment (expected Q3 2026) to benchmark our findings
  • Design incident response procedures and lead after-incident reviews to track fixes to completion
  • Brief senior leadership quarterly on our risk position, new threats, and progress on mitigation efforts

AI Governance & Technology Risk

  • Create and maintain policies for how Blend360 uses AI, manages data, handles information security, and maintains business continuity
  • Partner with the AI Steering Committee to ensure AI is used responsibly both for client work and internal operations
  • Set standards for building and using AI models: establish rules around data quality, model performance, bias detection, and responsible use; translate regulatory requirements (EU AI Act, NIST AI RMF) into Blend360 standards
  • Work with the VP of IT and Sr. Security Engineer to assess risks in our technology infrastructure (AWS, Snowflake, client systems); document findings in the risk register and present to leadership
  • Track data safety across the company, from how it's collected and processed to how it's shared and moved across borders (for both client and internal data)
  • Review client projects for risks related to cloud, data, and AI components; provide risk-based recommendations to support legal review and deal decisions

Vendor & Third-Party Risk Management

  • Establish standards for evaluating vendor and partner risks; assess key technology providers (AWS, Snowflake), subcontractors, regional partners and any data processors
  • Set rules for how we safely integrate with and share data with vendors
  • Review the technical side of partnerships, acquisitions, and client solutions working with the VP of IT
  • Review all policies at least annually and maintain an update process when policies change

Insurance & Compliance Program

  • Manage Blend360's global insurance programs: professional liability, cyber, directors & officers, general liability, and any client-specific coverage
  • Manage broker relationships and lead annual insurance renewals
  • Lead SOC 2 compliance: own the audit relationship, framework, and track remediation; work with the Sr. Security Engineer on technical requirements
  • Oversee ESG compliance, including Mastercard requirements and sustainability reporting (SBTi, CDP)
  • Track regulatory changes across North America, Europe, and Latin America that affect Blend360 (GDPR, EU AI Act, data privacy laws, employment law)

Cross-Regional Coordination

  • Coordinate compliance across regions with legal leads: North America, Latin America, and EMEA
  • Work with VP Ops in Uruguay and India on compliance, employment law, and data protection at each office
  • Fill the EMEA compliance gap until dedicated legal resources are in place; own EMEA policies in the meantime
  • Partner with legal lead on Latin American regulatory issues; work with Legal & Compliance Analyst for on-the-ground support
  • Run quarterly compliance reviews with each region; track fixes and report status to the SVP Finance

Client-Facing Risk & Compliance

  • Represent Blend360 on risk and compliance matters with enterprise clients; engage directly with their security, procurement, and compliance teams
  • Handle client compliance questionnaires (security, privacy, ESG, AI governance) in partnership with IT, Security, and delivery teams
  • Create standard checklists for reviewing client contracts and define when to escalate
  • Support high-risk contract reviews; assess insurance, liability, indemnification, and IP issues
  • Maintain a log of client contracts that exceed our risk limits

Operating Model: Risk Director vs. Sr. Security Engineer

This role works closely with the Sr. Security Engineer (reports to VP IT). The split is:

Risk Director owns: risk framework, policies, risk register, insurance, ESG, SOC 2 audits, client compliance, AI governance policy, vendor standards, cross-regional coordination, executive reporting

Sr. Security Engineer owns: AWS security, Snowflake security, access controls, vulnerability management, technical incident response, infrastructure hardening

Shared: SOC 2 (Risk owns the framework and audit; Engineer provides technical details), client questionnaires (Risk owns responses; Engineer provides technical input), AI risk (Risk owns policy; Engineer implements technical controls)

Qualifications

Required Qualifications

  • 8+ years in risk management, compliance, or legal operations in professional services, technology, AI/data, or consulting
  • 5+ years in a global or multi-regional role managing policies and compliance programs
  • Deep knowledge of data privacy laws (GDPR, CCPA/CPRA, LGPD), AI governance (EU AI Act, NIST AI RMF), and risk management standards (COSO, ISO 31000)
  • Technology literacy: understand cloud architecture (AWS), data platforms (Snowflake, Databricks), and AI/ML risks (bias, data quality, model drift). Not expected to build systems, but must speak credibly with technical teams and translate tech risk into business terms
  • Experience managing corporate insurance (professional liability, cyber, D&O) and working with brokers
  • Comfortable engaging directly with Fortune 500 clients on security, compliance, and risk matters
  • Strong written and verbal communication; able to present to executives, boards, and clients
  • Proven ability to influence across regions and functions in a fast-moving, matrixed organization
  • Bachelor's degree required; JD, MBA, or relevant advanced degree preferred

Preferred Qualifications

  • Experience in AI/ML services, data analytics, cloud-native, or digital transformation firms
  • Certifications: CRISC, CISM, CISA, CIPP/E, ARM, or equivalent
  • SOC 2 audit experience and ESG/sustainability reporting (CDP, SBTi)
  • Knowledge of cybersecurity frameworks (NIST CSF, ISO 27001) at a governance level
  • Spanish language skills
  • Familiarity with Latin American regulations (Colombia, Uruguay)
  • Experience building a compliance function from scratch at a growth-stage company
Additional Information

All your information will be kept confidential according to EEO guidelines.