About Invesco

As one of the worlds leading independent global investment firms Invesco is dedicated to rethinking possibilities for our clients. By delivering the combined power of our distinctive investment management capabilities we provide a wide range of investment strategies and vehicles to our clients around the world. If youre looking for challenging work intelligent colleagues and exposure across a global footprint come explore your potential at Invesco.

About the Department/Team:

At Invesco we value focusing on clients purposeful interactions and teamwork. Within Enterprise Risk you can expect to draw from your existing skills to drive value while finding opportunities to expand your talent and career.

Invesco Enterprise Risk Management (ERM) is evolving its capabilities and is looking for new Team members. Enterprise Risk is a global Second Line of Defense function that engages with Invesco Business teams to facilitate delivery and oversight of the risk management framework and provide a consistent aligned approach to risk management across the firm.

The Enterprise Risk Management team comprised of dynamic diverse and highly collaborative members drives value to Invesco by delivering a comprehensive and standardized view of risk integrated and underpinned by data and metrics. At the heart of the Invesco Enterprise Risk framework is the foundation for strong analytics capable of responding to emerging threats and opportunities and adapting to evolving market trends and conditions.

Whether you want to extend your existing experience to Enterprise Risk or leverage Risk Management expertise to evolve Invescos Enterprise Risk Management capability weve got exciting opportunities.

About the Role:

Invesco is embracing a dynamic business environment with more agile working methods increasing our need for sophisticated technology and operational risk management. Our firm is adopting new technologies strengthening our data strategy expanding our use of third parties and evolving our business models to serve our clients better. Our risk management frameworks must evolve in parallel to support this transformation. The Sr. Manager of Information Risk and Controls is a leadership and expert role responsible for advancing risk management evolution. This individual will support the Global Head of Information Risk and Controls in overseeing evaluating and enhancing the effectiveness of the second line of defense while improving the execution of the first line of defense in managing information risks. Partnering with a team of subject matter experts a key strategic focus will be to develop mobilize and support next-generation cross-disciplinary information risk frameworks controls and governance to sustain the ongoing transformation of our business.

Responsibilities of the Role:

• Leading Risk Identification and Mitigation:Spearhead the identification assessment and mitigation of technology cybersecurity data and privacy risks including those tied to infrastructure cloud and AI/ML technologies data governance data quality data lineage cyber threats evolving privacy regulations and emerging risks ensuring a robust risk posture amidst evolving trends.

• Framework Implementation:Develop and implement a robust information risk and control framework to enhance the firms second line of defense capabilities in overseeing information security data governance and technology risks.

• Risk Analysis and Monitoring:Analyze current and emerging information security data governance and technology risks developing Key Risk Indicators (KRIs) to monitor the adequacy quality and efficacy of controls. Apply specialized knowledge and broad acumen across facets of all domains including cybersecurity technology cloud data governance privacy and support third-party risks.

• Collaboration and Oversight:Partner with the first line of defense data owners data stewards and technology teams and collaborate with Internal Audit Global Compliance and Risk teams to review and strengthen the control environment improve processes related to information and data governance risk management and provide independent second-line checks and challenges. Foster collaboration with the broader internal risk community and key global business stakeholders to ensure a cohesive approach to risk management across the organization. Conduct research and analysis leveraging data to derive valuable insights and actionable recommendations for stakeholders.

• Policy and Governance Leadership:Lead the development and implementation of risk management policies procedures and a governance structure ensuring appropriate risk oversight reporting and compliance with regional regulatory requirements.

• Industry Engagement:Engage with industry networks and associations to stay updated on developments in technology operational data governance and security risk management sharing insights with relevant business functions.

• Risk Awareness:Drive risk awareness among employees through training and education promoting a culture of risk consciousness.

• Team Leadership:Provide strategic leadership to the Information Risk Management team fostering a culture of continuous improvement and excellence and engaging with senior stakeholders to deliver insightful reports and recommendations on the risk landscape.

Requirements for the Role:

• Risk Management Experience:710 years of risk and control experience with at least 5 years driving risk management across various lines of defense in a global banking/financial services environment or international risk consulting with financial services experience.

• Information Risk Expertise:Strong understanding of complex technology data governance and cybersecurity concepts including core technology and security principles.

• Framework Implementation:Hands-on experience defining and implementing information risk management and control frameworks emphasizing integration of data governance.

• Technical and Security Experience:Experience with major cybersecurity technology operational risk and data governance frameworks and standards such as NIST CSF CRI Cybersecurity Profile CSA Cloud Controls CCM (Cloud Controls Matrix) ISO 27000 series COBIT and Basel Operational Risk Principles. Experience delivering and assessing security solutions across major cloud service providers (AWS Azure GCP) platforms.

• Communication Skills:Ability to build consensus through data-driven communication and presenting factual relevant information.

• Analytical Abilities:Advanced analytical skills with the ability to exercise judgment and solve complex problems. Critical thinking and analytical problem-solving ability; effectively identify risks and unexpected patterns in complex situations investigate issues analyze root cause and determine the appropriate course of action.

• Team Player:Demonstrated leadership skills and ability to work well with others in a dynamic team-oriented environment and confidence in dealing with difficult situations resolving conflict and influencing with diplomacy while maintaining objectivity.

• Industry Preference:Preference for candidates with asset management or financial services industry experience.

• Emerging Technology Knowledge:Working knowledge of current and emerging technologies including cloud computing AI/ML and automation tools.

• Education:An undergraduate degree is required; an MBA or masters degree in a relevant field is preferred.

• Certifications:Certification in at least one of the following: CRISC (Certified in Risk and Information Systems Control) CISSP (Certified Information Systems Security Professional) CISA (Certified Information Systems Auditor) CISM (Certified Information Security Manager) CIPP (Certified Information Privacy Professional) etc.

Full Time / Part Time

Worker Type

Job Exempt (Yes / No)

Workplace Model

Pursuant to Invescos Workplace Policy employees are expected to comply with the firms most current workplace model which as of October 1 2025 includes spending at least four full days each week working in an Invesco office. This reflects our belief that spending time together in the office helps us build stronger relationships collaborate more easily and support each others growth and development.

The above information on this description has been designed to indicate the general nature and level of work performed by employees within this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties responsibilities and qualifications required of employees assigned to this job. The job holder may be required to perform other duties as deemed appropriate by their manager from time to time.

Invescos culture of inclusivity and its commitment to diversity in the workplace are demonstrated through our people practices. We are proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race creed color religion sex gender gender identity sexual orientation marital status national origin citizenship status disability age or veteran status. Our equal opportunity employment efforts comply with all applicable U.S. state and federal laws governing non-discrimination in employment.