The Senior Technical Risk Engineer drives risk reduction through technical solutions, emphasizing architecture, automation, and control design over procedural compliance. This role ensures risk mitigation is embedded directly into infrastructure and systems by collaborating with engineering teams and translating risk policies into scalable technical implementations.
Responsibilities
- Design and implement technical solutions that reduce operational, cyber, and resilience risks using architecture, automation, and control design.
- Convert risk policies, requirements, and standards into actionable technical patterns, guardrails, and reference architectures.
- Assess and prioritize solution designs based on risk impact, potential blast radius, and recovery dependencies.
- Collaborate with platform, cloud, security, and SRE teams to integrate risk controls into infrastructure and deployment pipelines.
- Measure control effectiveness using technical evidence and system signals, not just compliance checklists.
- Support secure cloud architecture, isolated recovery environments, identity hardening, and infrastructure resilience initiatives.
- Provide technical guidance on risk tradeoffs, recovery sequencing, and system designs that account for dependencies.
- Develop lightweight processes only when necessary, always focused on enabling better technical risk outcomes.
Requirements
- Bachelor’s degree or foreign equivalent in computer science, information technology, or a related technical field.
- Minimum of 7 years of experience in IT operations, engineering, security engineering, platform engineering, SRE, or technical risk roles.
- Hands-on experience designing and implementing backup, recovery, and resilience solutions, particularly Isolated Recovery Environments (IREs).
- Demonstrated ability to design and influence technical solutions across cross-functional engineering teams.
- Strong understanding of risk behavior in distributed systems, cloud platforms, and automated environments.
- Ability to operate effectively between engineering teams and risk-focused stakeholders.
- Skilled at communicating complex technical risk concepts clearly to non-technical audiences without loss of accuracy.
Nice to Have
- Experience with Google Cloud Platform (GCP).
- Proficiency in Python or Java and Ansible for scripting, with hands-on experience in RESTful API development.
- Terraform expertise for Infrastructure as Code (required).
- Experience using GCP BigQuery and Power BI or similar tools to analyze and visualize risk data and evidence.
- Background in backup, recovery, and resilience solution architectures.
- Design and implementation experience with Isolated Recovery Environments (IRE) in GCP.
- Knowledge of GRC or security domains.
- Experience with CI/CD pipelines and policy-as-code frameworks.
- Understanding of cloud IAM, networking, and control planes.
- Experience with observability, logging, and automated evidence collection.
- Familiarity with GRC platforms such as Archer or ServiceNow.
- ITIL-based IT Service Management (ITSM) experience.
- Exposure to Agentic AI Frameworks.
Tech Stack
Google Cloud Platform (GCP), Python, Java, Ansible, Terraform, RESTful APIs, GCP BigQuery, Power BI, Archer, ServiceNow
Team
Collaborates with platform, cloud, security, and SRE teams to integrate risk controls into technical systems and workflows.
- Prioritizes solution engineering over process engineering
- Translates risk intent into resilient technical designs
- Focuses on automation and scalable technical safeguards
Additional Information
- Requires strong technical expertise with a focus on engineering-based risk reduction.
- Candidates must think primarily as engineers and secondarily as risk professionals.
- Understanding of system failure modes and the ability to enforce controls through code and architecture is critical.
- Emphasizes practical, automatable, and scalable technical safeguards informed by risk frameworks, policies, and controls.
