Technical Risk Management - Corporate Risk Manager - Req# 536

Who we are...
As an industry-leading fintech provider, COCC delivers innovative, comprehensive technology solutions and strategic partnerships throughout the Northeastern United States. Listed among American Banker's FinTech 100 and the Inc. 5,000 fastest growing companies in the nation, COCC inspires the industry with innovation and top-quality support. Designated a Top Workplace in Connecticut and a nationally Certified Great Place to Work, COCC recognizes employees as the core of our success.
Inspiring you to become extraordinary in work and life.

What we need…
We’re looking for a Technical Risk Manager to help drive our technology risk program with a strong focus on leading and maturing our enterprise vulnerability management capability. In this role, you’ll identify, assess, monitor, and mitigate technology and cybersecurity risks, ensuring our environments operate within the organization’s risk appetite. You’ll work hands-on with modern infrastructure, cloud platforms, and security technologies that power our financial services ecosystem. You’ll lead a highly collaborative security team that values expertise, innovation, and practical problem solving. This is a unique opportunity to shape a core security function, influence technology teams across the business, and make a meaningful impact on our overall security posture. This position reports directly to the Vice President of Security.

What’s in it for you…
COCC offers a collaborative environment, career growth, and all the benefits you’d expect from an award-winning employer, including:
  • Hybrid schedules and generous paid time off to support flexibility and work/life balance
  • Customized training and onboarding to set you up for success in your first year
  • Robust employee development and formal career pathing programs
  • Cutting-edge training and educational resources from providers like SANS, PluralSight, and CBT Nuggets
  • Competitive compensation, comprehensive benefits, and generous PTO offerings
  • On-site fitness centers, wellness incentives, and lifestyle spending accounts
  • Tuition reimbursement for continued education
  • One-on-one career coaching and mentorship opportunities
  • DEIB initiatives that champion inclusion and encourage you to bring your authentic self to work
  • Financial planning assistance from certified professionals
  • Peer recognition programs celebrating contributions and achievements

What you’ll do…
  • Lead a team of Risk Engineers responsible for identifying, assessing, monitoring, and mitigating technology and cybersecurity risks.
  • Lead and manage the enterprise Vulnerability Management Program, including strategy, tooling, operational processes, dashboards, and continuous improvement.
  • Own the full lifecycle of vulnerability intake, prioritization, assignment, remediation tracking, and risk-based exception handling.
  • Partner closely with infrastructure, cloud, DevOps, and engineering teams to ensure timely and effective remediation of unacceptable risk.
  • Oversee scanning technologies (e.g., Qualys, Rapid7, Tenable, cloud-native scanners) and maintain consistent coverage across servers, endpoints, networks, containers, and cloud workloads.
  • Provide technical risk advisory for new technologies, major system changes, and architectural decisions, with an emphasis on practical controls and risk reduction.
  • Assess technical controls—including IAM, network security, endpoint protection, cloud security, and encryption—to identify weaknesses or gaps.
  • Translate complex technical risks into clear, business-focused explanations for leadership, committees, and technology stakeholders.
  • Participate in incident response and post-incident reviews, contributing to root cause analysis and long-term mitigation strategies.
  • Maintain strong alignment with GRC, Security Engineering, TPRM, and other cross-functional teams to ensure cohesive enterprise risk management.
  • Monitor emerging threats and vulnerabilities relevant to financial institutions and recommend proactive defense measures.
  • Support risk acceptance processes through risk impact analyses and technical evaluation of compensating controls.
  • Perform internal reviews of infrastructure operations, coordinate external assessments, and ensure alignment with relevant frameworks and industry best practices.

What you’ll bring…
  • Bachelor’s degree in Information Security, Computer Science, Engineering, or a related field (or equivalent experience).
  • 5–10+ years of experience in Information Security, Technology Risk, or Security Engineering within a complex environment, preferably in financial services.
  • 2–5+ years of management experience leading security teams.
  • Deep hands-on expertise with vulnerability management tools and methodologies (e.g., Qualys, Tenable, Rapid7, cloud-native scanning, SBOM analysis).
  • Strong understanding of modern infrastructure and platforms including Windows/Linux servers, networking, cloud environments (AWS, Azure, or GCP), and containerized workloads.
  • Practical knowledge of security fundamentals such as IAM, network segmentation, endpoint security, encryption, patching processes, and secure configuration.
  • Familiarity with risk assessment and control validation practices related to technical risk domains.
  • Experience with regulatory and industry frameworks such as NIST CSF, NIST 800-53, CIS Controls, MITRE ATT&CK, or FFIEC cybersecurity guidance.
  • Ability to assess complex technical issues, determine risk impact, and communicate effectively with both technical and executive audiences.
  • Preferred (but not required) certifications: CISSP, CISM, CRISC, GSEC, GCCC, GSLC, Security+, and cloud security certifications (AWS/Azure/GCP).
  • Strong collaboration, communication, and leadership skills with the ability to influence stakeholders across the organization.
  • Familiarity with CI/CD security controls and container compliance.
  • Scripting or automation capabilities in Python, Perl, or PowerShell; experience with Ansible, Terraform, or n8n is a plus.

Salary range for this role is $125,000-150,000 annually.

Applicants for employment in the US must have work authorization that does not currently or in the future require sponsorship of a visa for employment authorization in the United States.
COCC is committed to maintaining a drug-free workplace. All applicants are required to pass a credit, background, and substance test prior to employment. COCC procures background and consumer reports in compliance with all Federal and State regulations, including The Fair Credit Reporting Act and applicable Department of Labor laws regarding pre-employment screens. COCC is an equal opportunity employer committed to a community of inclusion, and an environment free from discrimination, harassment, and retaliation.
Accessibility - If you’re a job seeker with a disability and require accessibility assistance or an accommodation to apply for one of our jobs, please let us know by calling 860-678-0444 or emailing TalentManagement@cocc.com. Please specify the help you need and we’ll be happy to get back to you.
