Manager, Technology and Data Risk
McKinsey & Company, Washington, DC, United States
Risk & Compliance
Manager, Technology and Data Risk
Job ID: 93886
Do you want to do work that matters, alongside supportive leaders who will help you grow faster than you ever thought possible? Are you a creative problem-solver who is energized by challenges? You've come to the right place.
Who You'll Work With
You'll work as part of our Technology and Data Risk team reporting to the Director, Technology and Data Risk. You will work closely with senior leadership across Legal, Technology, Cybersecurity, Ethics and Compliance, and other firm functions to identify, assess, and manage risks across the firm. You will preferably be based in our Dallas, Chicago, or Boston office. However, we will also consider our Tampa, Phoenix, Atlanta, New York, New Jersey, Washington, and Toronto locations.
Your impact within our firm
As a Technology and Data Risk Manager, you will play a critical role in safeguarding the firm by ensuring risks are identified, evaluated, and managed effectively. You will lead the implementation of a robust risk management framework that aligns with the firm's strategic priorities and operational needs.
As a critical member of the technology and data risk team, you will strengthen its role as a second line of defense function by serving as a trusted advisor to legal, technology, cybersecurity, ethics and compliance, and other functions across the firm. You will act as a reliable thought partner, offering actionable guidance and fostering a collaborative approach to addressing risk-related challenges. Your advisory contributions will enhance the firm's risk posture.
You will lead firm-wide and entity-level risk assessments to ensure risks are effectively identified, evaluated, and addressed across the firm. You will design and implement tailored assessment approaches aligned with the firm's strategic objectives and regulatory requirements. Collaborating with senior leaders through interviews and workshops, you will uncover critical risks, assess their impact, and prioritize them for immediate action. Your leadership will provide a holistic view of the firm's risk landscape, empowering informed, proactive decisions that enhance resilience and support long-term success. You will also perform due diligence prior to deal closures, identifying potential risks associated with acquisitions or partnerships.
You will oversee the maintenance of the firm-wide risk register at a strategic level, ensuring that risks are comprehensively documented, consistently monitored, and effectively managed throughout their lifecycle. As a key leader, you will ensure the risk register serves as a centralized and transparent repository, providing senior leadership and the board with a holistic view of the firm's risk landscape. Your efforts will enable informed, proactive, and strategic decision-making, aligning risk management practices with the firm's long-term objectives and regulatory obligations.
You will collaborate closely with technology and cybersecurity teams to design and implement foundational elements and data structures that support seamless, automated, and end-to-end risk management. Your leadership will ensure that the firm-wide governance, risk, and compliance (GRC) platform is strategically designed and optimally configured to streamline critical processes, including risk assessments, issue resolution, and exception management. By integrating these processes into a cohesive framework, you will enable a unified, efficient, and transparent approach to managing risks across the firm, enhancing operational resilience and strategic decision-making.
You will develop comprehensive risk reports that provide actionable insights for senior leadership and other key stakeholders. These reports will offer a clear, data-driven understanding of the firm's risk landscape, enabling informed decision-making and strategic prioritization. In addition, these reports will serve as essential tools for meeting external requirements, such as ISO certification, and will be leveraged by other teams to align their initiatives with the firm's overall risk management strategy. Your ability to distill complex risk information into concise, impactful insights will ensure that leadership remains equipped to address challenges proactively.
You will lead the firm's issues management program, ensuring issues are effectively tracked and resolved throughout their lifecycle. Acting as the primary point of escalation, you will address critical challenges such as timeline delays or unresolved risks, ensuring leadership is equipped with the information needed to act decisively. You will also provide strategic oversight of the quarterly issues report, ensuring it delivers a comprehensive and accurate view of issue statuses, trends, and progress before dissemination to stakeholders. Through your leadership, you will foster accountability, strengthen cross-team collaboration, and continuously refine the firm's risk management framework to align with its strategic objectives and drive organizational resilience.
Your qualifications and skills
- Bachelor's degree in computer science, business, or related field; advanced degree or certifications (e.g., CRISC, CISA, CISSP) preferred
- 6+ years of relevant experience in managing complex risk and/or IT programs
- Proven ability to manage risks throughout their lifecycle, from identification to mitigation and monitoring; demonstrated expertise in conducting due diligence for acquisitions and integrating findings into broader risk frameworks
- Proven track record and expertise in developing risk management and information security policies and procedures, successfully executing programs that meet the objectives of excellence in a dynamic environment, as well as experience working with relevant (incl. senior) stakeholders
- Strong critical reasoning and integrative problem-solving skills with the ability to absorb new information rapidly and grapple with a wide range of complex issues; ability to influence stakeholders across all levels of seniority by cultivating trust-based relationships
- Familiarity with technology delivery and digital product management, ideally across vendor-provided technology and internally developed assets
- Familiarity with prominent and emerging cyber, AI, data, and other technology risk topics
- Strong ability to structure and synthesize learnings and feedback into clear, effective written documents, mainly leadership updates
- Passion for people development and experienced people leader; carries a demonstrated track record of enabling a collaborative, respectful, and inclusive environment for all colleagues
Please review the additional requirements regarding essential job functions of McKinsey colleagues.
Apply Now
FOR U.S. APPLICANTS: McKinsey & Company is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by applicable law.
Certain US and Canadian jurisdictions require McKinsey & Company to include a reasonable estimate of the salary for this role. For new joiners for this role in Canada and/or the United States, including all office locations where the job may be performed, a reasonable estimated range is $152,300 - $203,000 in USD and $153,000 - $204,000 in CAD - to help you understand what you can expect. This reflects our best estimate of the lowest to highest salary for this role at the time of this posting, ensuring you have a clear picture right from the start, though it's important to remember that actual salaries may vary. Factors like your office location, your unique blend of experience and skills, start date and our current organizational needs all play a part in determining the final figure. Certain roles are also eligible for bonuses, subject to McKinsey's discretion and based on factors such as individual and/or organizational performance.
Additionally, we provide a comprehensive benefits package that reflects our commitment to the wellness of our colleagues and their families. This includes medical, mental health, dental and vision coverage, telemedicine services, life, accident and disability insurance, parental leave and family planning benefits, caregiving resources, a generous retirement contributions program, financial guidance, and paid time off.
FOR NON-U.S. APPLICANTS: McKinsey & Company is an Equal Opportunity employer. For additional details regarding our global EEO policy and diversity initiatives, please visit our McKinsey Careers and Diversity & Inclusion sites.