Position OverviewHarris Williams will not provide sponsorship for employment visas or participate in STEM OPT for this position.
Job DescriptionThe Role:
Within Harris Williams Compliance and Risk team, the Technology Risk Lead will be an integral individual contributor to the IT security team, focused on key programs and initiatives that enable us to effectively identify and reduce risk to the firm. This role will leverage depth in technology risk management to partner across multiple organizations, developing and supporting risk solutions that protect our firm, our clients and our ability to remain a market leader.
Why This Role is Unique- Opportunity to own and mature the technology risk program within a growing, highly visible platform
- Direct exposure to senior leadership and parent company stakeholders (PNC)
- Ability to shape risk strategy across emerging areas such as AI, data governance, and vendor risk
- A role that blends strategy, execution, and influence-with meaningful impact on how the firm operates
Core Responsibilities:Technology risk and compliance management:
- Primary lead for all Harris Williams Technology risk and compliance efforts and initiatives, supporting the CTO, CCO and their designees in successful management of the IT risk portfolio and identified priorities.
- Manage and track a consolidated program for all interactions between Harris Williams IT/Security and PNC teams (meetings, control schedule, KRIs, assessments, etc.). Outline strategic roadmap for the Technology Risk program (platforms, people, processes).
- Develop deep familiarity with parent company structure, as a liaison with all lines of defense to organize compliance cycles, execute controls and measure performance towards subsidiary risk management objectives. Continually seek to identify opportunities for improvement and efficiency.
- Function as Subject Matter Expert around technology risk and the proper application of technical and procedural risk principles to enterprise IT environments and practices.
- Coordinate and lead the firm's response for IT assessments and inquiries, prepare agendas and materials, record and track action items to closure with Harris Williams IT, parent company counterparts, auditors and regulators.
- Evaluate and consult on the risks associated with strategic priorities or major programs and projects, formulating targeted recommendations and guidance.
- Collaborate and partner with the business and key stakeholders in creating recommendations to ensure alignment with defined priorities.
- Regularly prepare and deliver comprehensive program updates regarding portfolio prioritization, progress, trends and effectiveness.
- Establish and maintain technology risk register and related security and compliance maturity frameworks. Lead the identification, assessment, and prioritization of technology risks across the organization's IT landscape.
- Own and lead the lifecycle for IT policy and procedure inventory management. Focus efforts on key areas of primary broker dealer risks, including security and privacy of firm, employee and client information, data classification, vendors, and AI.
- Primary IT risk owner for ensuring all new and renewing vendors are successfully processed through the firm's vendor risk process.
- Partner with the Risk Manager to build a cohesive and effective risk program.
Job Specific Competencies, Education and Experience:- Degree in information systems, business or related experience.
- A clear understanding of requirements, controls, and testing methodologies.
- Experience developing an effective control environment related to financial services or technology products and services.
- Relevant professional, compliance and/or security certifications (CISA, CRISC, ITIL, CGEIT, PMP).
- Ability to work across matrixed teams to effectively balance risks and opportunity costs through prioritization to effectively execute assigned tasks.
- 5+ years' experience in IT security and compliance best practices and frameworks (NIST CSF, ISO 27001/9001, COBIT / SOx, PCI, HIPAA).
- 5+ years' experience in designing, implementing and managing enterprise-wide risk programs.
- High degree of professionalism, organization, proactivity and curiosity.
- Excellent interpersonal communication skills and the ability to influence and effectively tailor messages to a variety of audiences.
- Passion for technology, operational excellence and a keen focus on ensuring an exceptional client experience.
Additional Information
- Candidates must be authorized to work in the U.S. without sponsorship
- This description reflects the core responsibilities of the role but is not intended to be all-inclusive. Responsibilities and focus areas may evolve based on business needs.
Disclaimer: Harris Williams will not accept unsolicited resumes from contingency recruiters. Any such resumes received will not be considered as legitimate submissions, and Harris Williams will not pay for the placement of a candidate resulting from the receipt of an unsolicited resume. Furthermore, Harris Williams strictly forbids any contingency recruiter from representing the firm in the market without prior consent
Base Salary: $160,000 - $185,000
- Salaries may vary within the range based on geographic location, market data and on individual skills, experience, and education.
- Role is incentive eligible with the payment based upon company, business and/or individual performance.
- Application Window: Generally, this opening is expected to be posted for 48 business hours from 05/26/2026, although longer with business discretion.
QualificationsSuccessful candidates must demonstrate appropriate knowledge, skills, and abilities for a role. Listed below are skills, competencies, work experience, education, and required certifications/licensures needed to be successful in this position.
Preferred SkillsAccess Control (AC), Building Architecture, Customer Solutions, Disaster Recovery Planning, Information Security, Network Security, Physical Security, Risk Assessments, Security Technologies
CompetenciesInformation Assurance, Information Security Audits, Information Security Management, Information Security Technologies, IT Environment, IT Standards, Procedures & Policies, Knowledge of Organization, Planning: Tactical, Strategic
Work ExperienceRoles at this level typically require a university / college degree. Higher level education such as a Masters degree, PhD, or certifications is desirable. Industry experience is typically 8+ years. At least 5 years of prior management experience is typically required. In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.
EducationBachelors
CertificationsNo Required Certification(s)
LicensesNo Required License(s)
BenefitsPNC offers a comprehensive range of benefits to help meet your needs now and in the future. Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options; employee and spouse/child life insurance; short and long-term disability protection; 401(k) with PNC match, pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption, surrogacy, and doula reimbursement; educational assistance, including select programs fully paid; a robust wellness program with financial incentives.
In addition, PNC generally provides the following paid time off, depending on your eligibility: maternity and/or parental leave; up to 11 paid holidays each year; 9 occasional absence days each year, unless otherwise required by law; between 15 to 25 vacation days each year, depending on career level; and years of service.
To learn more about these and other programs, including benefits for full time and part-time employees, visit pncthrive.com.
