Data Governance & Controls Manager
A global asset management firm is expanding its Enterprise Risk Management function and seeking a Data Governance & Controls Manager to play a key role in advancing its second line of defense capabilities. This team is responsible for partnering across the business to drive a consistent, data-driven approach to risk management while supporting ongoing transformation initiatives across technology, data, and operating models.
This role sits within a global ERM framework and will focus on enhancing the firm's approach to technology, cybersecurity, data governance, and privacy risk. The position will support senior leadership in strengthening oversight of first line risk management practices while evolving next-generation frameworks, controls, and governance structures.
Key Responsibilities:
- Lead identification, assessment, and mitigation of technology, cyber, data, and privacy risks, including cloud, AI/ML, and third-party exposures
- Design and implement enterprise-level information risk and control frameworks within a second line environment
- Develop and monitor Key Risk Indicators (KRIs) to evaluate control effectiveness across technology and data domains
- Partner closely with first line technology, data, and business teams to provide independent oversight, challenge, and guidance
- Collaborate with Internal Audit, Compliance, and Risk to enhance the overall control environment
- Establish and maintain governance structures, policies, and reporting aligned with regulatory expectations
- Deliver data-driven insights and risk reporting to senior leadership and stakeholders
- Drive risk awareness initiatives and foster a strong risk culture across the organization
- Lead and mentor team members within a global, matrixed risk organization
Requirements:
- 7-10 years of experience in risk management within financial services or consulting, with exposure to multiple lines of defense
- Strong expertise in information risk domains including cybersecurity, data governance, privacy, and technology risk
- Proven experience building and implementing risk frameworks (e.g., NIST, ISO, COBIT, cloud/security standards)
- Familiarity with cloud platforms (AWS, Azure, GCP) and emerging technologies (AI/ML)
- Strong analytical and problem-solving capabilities, with the ability to influence stakeholders
- Experience operating in a second line (or interacting closely with it) preferred
- Relevant certifications such as CISSP, CISM, CRISC, CISA, or CIPP highly desirable
- Prior experience in asset management or broader financial services strongly preferred
FAQs
Congratulations, we understand that taking the time to apply is a big step. When you apply, your details go directly to the consultant who is sourcing talent. Due to demand, we may not get back to all applicants that have applied. However, we always keep your resume and details on file so when we see similar roles or see skillsets that drive growth in organizations, we will always reach out to discuss opportunities.
Yes. Even if this role isn’t a perfect match, applying allows us to understand your expertise and ambitions, ensuring you're on our radar for the right opportunity when it arises.
We also work in several ways, firstly we advertise our roles available on our site, however, often due to confidentiality we may not post all. We also work with clients who are more focused on skills and understanding what is required to future-proof their business.Â
That's why we recommend registering your resume so you can be considered for roles that have yet to be created.Â
Yes, we help with resume and interview preparation. From customized support on how to optimize your resume to interview preparation and compensation negotiations, we advocate for you throughout your next career move.