Vice President, Technology Control Manager

At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting‑edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide.

Join us and be part of something extraordinary. We’re seeking a future team member for the role of Technology Control Manager to join our team. This role is located in London.

Role Overview

The Technology Control Manager is accountable for the design, effectiveness and continuous improvement of the technology control environment across BNY’s Investment Management Engineering organisation. As a senior first-line leader, you will work closely with engineering, architecture, cybersecurity, Technology Risk, Compliance and Internal Audit to ensure controls are embedded throughout the SDLC, aligned with regulatory expectations and supported by a culture of ownership and continuous improvement.

You will provide clear, evidence-based narratives to senior stakeholders, shaping the overall risk posture of Investment Engineering and ensuring the control environment supports secure and resilient client experiences.

In this role, you’ll make an impact in the following ways:

• Assess and manage technology risks across platforms, applications, data, cloud services and third-party integrations.
• Identify emerging threats, evaluate their potential impact and define robust mitigation strategies.
• Interpret and enforce BNY policies, standards and regulatory requirements.
• Maintain an informed understanding of Investment Engineering’s architecture, operating model and cloud design principles to ensure correct control application and alignment.
• Construct, maintain and narrate technology control dashboards and key indicators for Investment Engineering.
• Present concise insights and risk themes to senior leadership and governance committees.
• Produce the quarterly Technology Risk and Control Assessment for Investment Engineering.
• Provide a comprehensive view of risk posture, control effectiveness, resilience performance and alignment to enterprise and regulatory frameworks.
• Partner with product and platform owners, architects, cybersecurity and engineering teams to perform detailed risk assessments.
• Quantify technology risks and communicate clear findings and recommendations to governance forums.
• Prioritise remediation of known risks, audit findings and control gaps.
• Ensure engineering teams perform thorough root-cause analysis and implement changes that strengthen long-term control effectiveness.
• Provide SME guidance on control design across SDLC, DevSecOps, identity and access management, secrets management, cloud security, vulnerability management, configuration management and operational resilience.
• Strengthen risk awareness across engineering teams.
• Develop and maintain metrics, KRIs, KPIs and control-health reporting.
• Use data and trend analysis to support narratives, highlight areas of concern and guide strategic remediation activity.
• Oversee defect, vulnerability and control-break management.
• Lead the issue-management and policy-deviation process.
• Oversee Identity and Access Management controls for Investment Engineering.
• Ensure standard tools and processes are used for attestations, provisioning, revocation, segregation of duties and secrets governance.
• Represent Investment Engineering in Line 1 and Line 2 Technology Risk engagements.

To be successful in this role, we’re seeking the following:

• Strong background in technology or engineering supported by a detailed understanding of modern software development, cloud-native patterns and platform operations.
• Extensive experience in technology risk, controls, cybersecurity or engineering leadership within a regulated financial-services environment.
• Demonstrated expertise in performing and leading complex risk assessments that cover SDLC and DevSecOps practices, identity and access management, change and configuration management, vendor integrations, cloud patterns, vulnerability management and operational resilience.
• Strong understanding of regulatory standards relevant to Investment and banking technology such as NIST CSF, ISO 27001 and ISO 27002, SOX, PCI and GDPR.
• Practical experience implementing and operating controls across cloud platforms, microservices, APIs, Kubernetes, CI/CD pipelines and secure software-supply-chain tooling.
• Strong communication skills with the ability to translate complex control concepts into clear and actionable guidance for senior stakeholders.

Our Benefits and Rewards

BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life’s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.

BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.