Required Qualifications:
• 8+ years in IT infrastructure, application architecture, or cybersecurity within a regulated industry.
• 5+ years overseeing critical third-party technology or SaaS vendors.
• Direct experience preparing for and participating in regulatory examinations (e.g., OCC, FFIEC, FCA, PRA, DORA, EBA).
• Strong knowledge of resiliency frameworks (ISO 22301, NIST SP 800-34, FFIEC Business Continuity Handbook). • Proficiency in cloud, on-prem technologies, network architecture, and data protection strategies. • Excellent communication skills for both technical and regulatory audiences. • Preferred • Experience in both financial services and technology vendor environments. • Familiarity with global regulatory bodies and cross-jurisdictional compliance challenges. • In-depth understanding of public cloud, private cloud, on-prem, and SaaS Well-Architected Frameworks, especially the resiliency and reliability pillars.
• Familiarity with SaaS architectures and the unique aspects of SaaS resilience and shared responsibility.
• Strong experience in vendor risk assessments, including SLA analysis, disaster recovery, business continuity, and operational reliability.
• Excellent analytical, documentation, and communication skills, with the ability to translate technical findings for business stakeholders.
• Ability to create architectural diagrams.
Desired Qualifications:
• Bachelor’s degree in Computer Science, Information Security, or related field.
• Proven experience conducting SaaS or cloud risk/risk/resiliency assessments.
• Regulatory Engagement & Compliance
• Monitor emerging regulatory requirements (e.g., DORA, FFIEC, OCC, FCA, MAS, OFSI, PRA, AUS) and ensure alignment across vendor relationships.
• Partner with Legal, Compliance, and Risk teams to interpret regulatory guidance into actionable technical controls.
• Cross-Functional Collaboration
• Work with Enterprise Architecture, Cybersecurity, Business Continuity, DR, and Procurement teams to integrate third-party oversight into enterprise resiliency strategy.
We are seeking an experienced technical professional to oversee the resiliency and compliance posture of critical third-party technology providers.. The successful candidate will have deep experience in IT architecture, operational resiliency, incident response, and regulatory interactions within highly regulated industries.
Soft Skills:
• Strong analytical and problem-solving skills.
• Ability to influence without direct authority.
• Skilled at translating technical issues into regulatory-friendly language.
• Comfortable operating in high-pressure, high-visibility situations.
Key Responsibilities:
• Conduct detailed resiliency assessments for 3rd party vendor-hosted and SaaS solutions using principles from the Well-Architected Frameworks, focusing on reliability, operational excellence, security, cost optimization, and performance efficiency.
• Evaluate the architecture or develop the architectural diagrams of external SaaS workloads and confirm alignment with organizational resilience, disaster recovery, and business continuity requirements.
• Assess vendor readiness for high availability, failover, data integrity, and recoverability, including review of disaster recovery plans, backup procedures, SLA uptime guarantees, and testing/validation routines. • Document findings and remediation recommendations, track remediation efforts, and provide regular reporting on vendor resilience posture, risk, and compliance status.
• 8+ years in IT infrastructure, application architecture, or cybersecurity within a regulated industry.
• 5+ years overseeing critical third-party technology or SaaS vendors.
• Direct experience preparing for and participating in regulatory examinations (e.g., OCC, FFIEC, FCA, PRA, DORA, EBA).
• Strong knowledge of resiliency frameworks (ISO 22301, NIST SP 800-34, FFIEC Business Continuity Handbook). • Proficiency in cloud, on-prem technologies, network architecture, and data protection strategies. • Excellent communication skills for both technical and regulatory audiences. • Preferred • Experience in both financial services and technology vendor environments. • Familiarity with global regulatory bodies and cross-jurisdictional compliance challenges. • In-depth understanding of public cloud, private cloud, on-prem, and SaaS Well-Architected Frameworks, especially the resiliency and reliability pillars.
• Familiarity with SaaS architectures and the unique aspects of SaaS resilience and shared responsibility.
• Strong experience in vendor risk assessments, including SLA analysis, disaster recovery, business continuity, and operational reliability.
• Excellent analytical, documentation, and communication skills, with the ability to translate technical findings for business stakeholders.
• Ability to create architectural diagrams.
Desired Qualifications:
• Bachelor’s degree in Computer Science, Information Security, or related field.
• Proven experience conducting SaaS or cloud risk/risk/resiliency assessments.
• Regulatory Engagement & Compliance
• Monitor emerging regulatory requirements (e.g., DORA, FFIEC, OCC, FCA, MAS, OFSI, PRA, AUS) and ensure alignment across vendor relationships.
• Partner with Legal, Compliance, and Risk teams to interpret regulatory guidance into actionable technical controls.
• Cross-Functional Collaboration
• Work with Enterprise Architecture, Cybersecurity, Business Continuity, DR, and Procurement teams to integrate third-party oversight into enterprise resiliency strategy.
We are seeking an experienced technical professional to oversee the resiliency and compliance posture of critical third-party technology providers.. The successful candidate will have deep experience in IT architecture, operational resiliency, incident response, and regulatory interactions within highly regulated industries.
Soft Skills:
• Strong analytical and problem-solving skills.
• Ability to influence without direct authority.
• Skilled at translating technical issues into regulatory-friendly language.
• Comfortable operating in high-pressure, high-visibility situations.
Key Responsibilities:
• Conduct detailed resiliency assessments for 3rd party vendor-hosted and SaaS solutions using principles from the Well-Architected Frameworks, focusing on reliability, operational excellence, security, cost optimization, and performance efficiency.
• Evaluate the architecture or develop the architectural diagrams of external SaaS workloads and confirm alignment with organizational resilience, disaster recovery, and business continuity requirements.
• Assess vendor readiness for high availability, failover, data integrity, and recoverability, including review of disaster recovery plans, backup procedures, SLA uptime guarantees, and testing/validation routines. • Document findings and remediation recommendations, track remediation efforts, and provide regular reporting on vendor resilience posture, risk, and compliance status.
—
—
