Technology Risk Manager - Engineering Risk & Resilience
Location
New York
Business Area
Engineering and CTO
Ref #
10050017
Description & Requirements
The Engineering Risk & Resilience team partners across Bloomberg Engineering to identify, understand, and reduce the risks that matter most to how we build and operate technology. Our work sits at the intersection of engineering, risk management, and regulation.
We design practical, engineering-owned risk management solutions that address technology risk in real operational environments. This includes working closely with Technology Product Owners, Engineering teams, and subject matter experts across domains such as security, recovery, and incident management. We collaborate with Legal, Compliance, and Risk partners and translate regulatory expectations into approaches that are credible and usable for engineers.
We focus on mitigating meaningful risk while minimizing unnecessary bureaucracy.
The Role
We’re looking for experienced Technology Risk Managers with deep expertise in critical technology risk domains such as security, resilience, or incident management.
In this role, you will serve as a first-line risk expert supporting engineering and product teams as they identify, assess, and manage risks associated with the technology they build and operate. You will help teams apply consistent risk and control thinking to their products by translating domain expertise into practical guidance, effective controls, and actionable risk assessments.
You’ll partner closely with product risk management teams and engineering leaders to ensure that technology risks are well understood, controls are appropriately designed, and the organization maintains strong operational resilience.
What You’ll Do:
-Act as a subject matter expert in a specific technology risk domain (e.g., security, recovery and continuity, incident management, technology operations).
-Partner with first-line product risk management teams to assess technology risks and evaluate the effectiveness of controls within engineering products and platforms.
-Provide guidance during risk assessments, control design reviews, and issue remediation efforts.
-Define and evolve common control objectives for key technology risk domains and help engineering teams translate standards and policy expectations into practical implementations aligned with how systems are designed and operated.
-Support the interpretation and implementation of technology standards, ensuring they remain realistic and aligned with engineering practices.
-Establish and evolve metrics and risk indicators that enable teams to monitor control effectiveness, understand operational risk exposure, and track improvements in key technology risk domains.
-Identify systemic risks, control gaps, or emerging patterns across products and work with engineering leadership to drive improvements.
-Monitor relevant technology regulations and industry guidance, helping translate regulatory expectations into practical risk management approaches and control implementations for engineering teams.
-Collaborate with second-line risk and compliance partners to demonstrate effective risk management and control implementation.
-Contribute to the evolution of Bloomberg’s engineering risk management practices by bringing operational insight from real systems and teams.
You'll Need to Have:
-10+ years of experience applying technology risk management practices across domains such as information security, system resilience and recovery, and operational incident management.
-Strong understanding of risk management concepts and experience applying them in complex technology environments.
-Familiarity with industry frameworks such as NIST, ISO, or operational resilience guidance (e.g., DORA).
-Ability to evaluate systems and architectures and identify meaningful risk and control considerations.
-Comfort engaging directly with engineers, technical leaders, and product owners to solve problems collaboratively.
-Strong analytical judgment and the ability to navigate ambiguous or evolving problem spaces.
-A track record of building trust with stakeholders across engineering, risk, compliance, and leadership teams.
-An inclusive, collaborative mindset that values diverse perspectives and actively seeks feedback.
-Bachelor’s degree or higher in Technology, Information Systems, or a related discipline (or equivalent practical experience).
We’d Love to See
-Experience applying risk and control frameworks within large-scale technology organizations, particularly those operating in regulated environments.
-Prior experience working in or closely partnering with first-line product or technology risk management teams, supporting risk assessments, control design, and integration of risk management practices into engineering workflows.
-Demonstrated expertise in technology risk management, including risks related to security, resilience, availability, operational processes, and large-scale infrastructure.
-Experience establishing or evolving risk management frameworks, including defining control objectives, developing risk assessment approaches, and implementing mechanisms to monitor control effectiveness and risk exposure.
-If this role aligns with how you think about technology systems, risk management, and operational resilience, and you want to help engineering teams manage risk effectively at scale, we’d love to hear from you.
Salary Range = 185000 - 245000 USD Annually + Benefits + Bonus
The referenced salary range is based on the Company's good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level.
We offer one of the most comprehensive and generous benefits plans available and offer a range of total rewards that may include merit increases, incentive compensation (exempt roles only), paid holidays, paid time off, medical, dental, vision, short and long term disability benefits, 401(k) +match, life insurance, and various wellness programs, among others. The Company does not provide benefits directly to contingent workers/contractors and interns.
We offer one of the most comprehensive and generous benefits plans available and offer a range of total rewards that may include merit increases, incentive compensation (exempt roles only), paid holidays, paid time off, medical, dental, vision, short and long term disability benefits, 401(k) +match, life insurance, and various wellness programs, among others. The Company does not provide benefits directly to contingent workers/contractors and interns.
Discover what makes Bloomberg unique - watch our podcast series for an inside look at our culture, values, and the people behind our success.