Senior Technology Risk & Compliance Manager

Sandy, UT - USA

Yearly Salary: USD 94600 - 152500

Posted on: 16 hours ago

Vacancies: 1 Vacancy

Job Summary

The WCF Insurance has an immediate opening for someone who can demonstrate the WCF values to join the Information Technology (IT) department team as a Senior Technology Risk & Compliance Manager. This is a full-time exempt position that works in our Sandy Utah Headquarters office. This posting is open to internal and external candidates. This position reports to the VP of IT Security/CISO and is responsible for building and maintaining a strong technology risk and compliance program that covers the organizations tech assets and initiatives including new areas like AI. The person in this role ensures the use of recognized frameworks in both insurance and technology and encourages cooperation among IT teams legal staff and external auditors. As a driver of risk management and the main contact for compliance audits and examinations the role helps lower risks improve best practices and advance the organizations strategic goals amid an ever-changing technology environment.

QUALIFICATIONS

Bachelors in technology cybersecurity risk management or related field (or equivalent); certifications a plus.
8 years relevant experience ideally in regulated sectors
Hands-on with PCI DSS NIST (800-53/CSF/AI RMF) CIS Controls etc.
Knowledge of AI governance risk data provenance bias/fairness explainability human-in-the-loop controls
Cross-functional communication and collaboration skills; able to drive change without direct authority
Experience with audits/exams (e.g. PCI regulatory) and remediation
Risk assessment across tech areas: cloud data end user application development (SDLC) and more
Strong at policy creation controls reporting and communication; skilled at conveying complex risks clearly

ESSENTIAL JOB FUNCTIONS

Lead the adoption and ongoing compliance with PCI DSS NIST CSF/800-53 CIS Controls and related frameworks; oversee alignment of controls to meet business and regulatory requirements.
Establish and oversee the AI Risk Management Program including governance model/data inventory risk assessments testing and validation data usage controls monitoring and incident response for AI systems.
Be the principal contact for IT audits and examinations including coordination and evidence collection activities.
Conduct comprehensive risk assessments across systems and vendors; recommend practical remediation strategies with defined timelines.
Prepare dashboards and reports detailing risk posture compliance status audit outcomes and AI risk metrics.
Collaborate with legal teams to evaluate obligations and ensure vendor and third-party compliance.
Enforce vendor due diligence security questionnaires contract language and ongoing assessments; escalate material vendor risks with mitigation plans.
Track emerging regulations and technologies updating the compliance program as necessary.

ACCOUNTABILITY & REQUIREMENTS

Achievement of target compliance/maturity levels timely remediation of audit findings and measurable reductions in technology risk including emerging technologies such as AI.
Efficient management of technology audits/exams and remediation actions.

BENFITS

WCF Insurance offers an extensive compensation package. Benefits include Medical Dental and Vision insurance company paid life insurance 401K with a generous 6% employer match and additional benefits such as an Employee Assistance Program (EAP) and time off to volunteer in the local community. All employees earn 4 weeks of vacation their first year. Expected salary for this position is $94600 - $152500 depending on experience and education.

Internal candidates should have acceptable job performance 6 months in their current position and must notify their current supervisor that they have applied for the position.

OUR PEOPLE

WCF strives to provide an excellent work experience and cultivate an inclusive environment where anyone who embodies our values will thrive

WCF INSURANCE IS AN EQUAL OPPORTUNITY EMPLOYER

WCF Insurance provides equal employment opportunity to all qualified applicants and employees regardless of race color religion sex age national origin veteran status disability that can be reasonably accommodated or any other basis prohibited by federal state or local law.

Required Experience:

Manager

The WCF Insurance has an immediate opening for someone who can demonstrate the WCF values to join the Information Technology (IT) department team as a Senior Technology Risk & Compliance Manager. This is a full-time exempt position that works in our Sandy Utah Headquarters office. This posting is op...

QUALIFICATIONS

Bachelors in technology cybersecurity risk management or related field (or equivalent); certifications a plus.
8 years relevant experience ideally in regulated sectors
Hands-on with PCI DSS NIST (800-53/CSF/AI RMF) CIS Controls etc.
Knowledge of AI governance risk data provenance bias/fairness explainability human-in-the-loop controls
Cross-functional communication and collaboration skills; able to drive change without direct authority
Experience with audits/exams (e.g. PCI regulatory) and remediation
Risk assessment across tech areas: cloud data end user application development (SDLC) and more
Strong at policy creation controls reporting and communication; skilled at conveying complex risks clearly

ESSENTIAL JOB FUNCTIONS

Lead the adoption and ongoing compliance with PCI DSS NIST CSF/800-53 CIS Controls and related frameworks; oversee alignment of controls to meet business and regulatory requirements.
Establish and oversee the AI Risk Management Program including governance model/data inventory risk assessments testing and validation data usage controls monitoring and incident response for AI systems.
Be the principal contact for IT audits and examinations including coordination and evidence collection activities.
Conduct comprehensive risk assessments across systems and vendors; recommend practical remediation strategies with defined timelines.
Prepare dashboards and reports detailing risk posture compliance status audit outcomes and AI risk metrics.
Collaborate with legal teams to evaluate obligations and ensure vendor and third-party compliance.
Enforce vendor due diligence security questionnaires contract language and ongoing assessments; escalate material vendor risks with mitigation plans.
Track emerging regulations and technologies updating the compliance program as necessary.

ACCOUNTABILITY & REQUIREMENTS

Achievement of target compliance/maturity levels timely remediation of audit findings and measurable reductions in technology risk including emerging technologies such as AI.
Efficient management of technology audits/exams and remediation actions.

BENFITS

Internal candidates should have acceptable job performance 6 months in their current position and must notify their current supervisor that they have applied for the position.

OUR PEOPLE

WCF strives to provide an excellent work experience and cultivate an inclusive environment where anyone who embodies our values will thrive

WCF INSURANCE IS AN EQUAL OPPORTUNITY EMPLOYER

Required Experience:

Manager

Key Skills

Compliance Management
Risk Management
Financial Services
PCI
Banking
Cost Accounting Standards
Quality Systems
Research Experience
NIST Standards
Securities Law
SOX
ISO 27000

Apply Now

About Company

WCF Insurance

Find coverage and resources for workers’ compensation insurance for Utah, California, Idaho, Nevada, Colorado, and Arizona. Get a quote for workers’ comp today

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click