Sr, Director Governance, Reporting & Oversight

The Sr. Director, Risk Reporting and Oversight is responsible for building and leading a high-performing team tasked with transforming the 1st Line of Defense (1LOD) risk reporting processes for the Technology Infrastructure (TI) department at the Bank. The function will lead the communication & awareness of TI's risks and controls and deliver actionable insights and messages into aggregate risks and compliance issues across all IT domains. This role is accountable for enabling TI senior leadership's governance over IT risks and controls in a timely manner. The incumbent will assess existing risk processes, identify reporting gaps and inefficiencies, and design the target state for risk reporting and oversight (governance). This role requires strong collaboration with enterprise 1LOD and 2LOD risk functions to ensure alignment, buy-in, and successful implementation of enhanced processes and reports.

Impact and Opportunity

This role offers a unique opportunity to drive meaningful transformation within the TI department, reshaping the way risk is perceived, managed, and operationalized. The Senior Director, Risk Reporting & Oversight will play a pivotal role in positioning TI as a model of efficiency, agility, and risk-consciousness, ensuring its alignment with the broader objectives of the Bank.

Key Responsibilities

Strategic Leadership and Team Development

• Build and lead a high-performing team responsible for establishing and operating the risk reporting and oversight function.
• Attract, develop, and retain top talent with expertise in IT risk management, data governance, and reporting frameworks.
• Foster a culture of collaboration, accountability, and innovation within the team and across the IT department to drive complete and accurate risk reporting.
• Lead the transformation of the department's perception of risk by bridging modern & legacy IT mindsets, fostering a unified approach to risk management.
• Drive initiatives to enhance TI's agility & efficiency while maintaining robust risk governance (e.g. automation of data inputs, standardization of reports).

Risk Reporting Uplift

• Design & implement a risk reporting framework that provides clear, actionable insights into KRIs, compliance issues & significant risks across a complete set of IT domains, by reporting entity & in aggregate.
• Own and manage the source list of KRIs for TI, ensuring a complete IT risk view that up to date and reflective of the current IT environment within the Bank.
• Streamline existing risk reporting processes to ensure efficiency and scalability while addressing reporting gaps and inefficiencies.
• Establish and enforce standards for data sourcing, accuracy, completeness, and consistency across partner team report; build-in continuous checks in the process to ensure data integrity is maintained.
• Collaborate with the different technology teams to enhance the collection of data and develop new insights into risks.
• Deliver targeted, meaningful, and business-focused risk insights to senior leadership to support governance and decision-making.
• Regularly evaluate and enhance the reporting function to address emerging risks, evolving technologies, and organizational priorities.
• Leverage advancements in analytics, automation, and visualization to improve reporting efficiency and effectiveness.

Governance & Risk Oversight

• Enable governance of IT risks and controls by providing senior leadership with comprehensive and prioritized reporting and insights.
• Collaborate with accountable technology owners and risk partners (e.g. Controls Testing & Risk Analysis, Infrastructure and Risk COE, Security, 2LOD) to ensure risk remediation & oversight activities are effectively undertaken & reported on.
• Support leadership's governance mandate by providing timely and accurate risk and remediation insights at steering committees and risk forums.
• Work closely with enterprise 1LOD and 2LOD risk functions to align reporting processes and ensure compliance with organizational and regulatory standards.
• Maintain alignment with enterprise risk management frameworks and regulatory requirements in all reporting activities.

Qualifications and Experience

• 12 years of experience in IT risk management, reporting, or a related field within a large financial institution or similar environment.
• Proven track record of building and leading high-performing teams.
• Strong understanding of risk reporting frameworks, data governance, and compliance requirements.
• Experience with diverse IT domains, including cloud, mainframe, databases, middleware, and applications, is an asset.
• Expertise in risk analysis, data visualization, and reporting tools.
• Exceptional analytical, problem-solving, and communication abilities, especially in an IT and senior leadership context.
• Strong stakeholder management and collaboration skills.