Advance your potential – and reach your goals

The Technology & Cybersecurity Risk Management Manager plays a critical leadership role within the Cybersecurity Governance, Risk, and Controls (GRC) function. This role is responsible for managing the end-to-end technology and cybersecurity risk lifecycle, ensuring risks are identified, assessed, communicated, and effectively remediated across the enterprise.

The ideal candidate brings a deep understanding of technology and cyber risk management frameworks, demonstrates strong stakeholder engagement, and leads a team that partners with business and technology leaders to enhance our overall risk posture. This role will also drive continuous improvement of our risk management processes, leveraging data-driven insights, automation, and industry best practices to ensure alignment with OneMain’s enterprise risk management strategy. This role will report into the Cybersecurity Risk team.

Responsibilities:

• Oversee the execution of risk management processes, including issue management, risk assessments, risk treatment, and exception management.
• Provide credible challenge and independent oversight of cybersecurity and technology initiatives to ensure risk mitigation aligns with corporate and regulatory expectations.
• Manage corrective action plans to address findings from assessments, audits, or testing; monitor progress, validate completion, and report status to leadership.
• Partner with technology, business, audit, compliance, and legal teams to promote effective risk management practices and maintain transparent communication on key risks.
• Develop, track, and report key performance and risk indicators (KPIs/KRIs) to communicate the organization’s cybersecurity and technology risk posture to senior management.
• Support or lead targeted cybersecurity and technology risk assessments to identify emerging threats, assess control effectiveness, and recommend mitigation strategies.
• Drive enhancements to risk management processes through process optimization, automation opportunities, and integration with the enterprise GRC platform.
• Ensure risk activities align with applicable frameworks and regulations such as NIST CSF, NIST 800-53, ISO 27001, CIS Controls, and NYDFS 23 NYCRR 500.
• Maintain familiarity with cybersecurity policies, standards, and procedures; identify and manage exceptions and non-compliance items.
• Manage and mentor team members, fostering a culture of collaboration, accountability, and professional growth.
• Lead recurring meetings and risk review sessions with key stakeholders to provide updates on open issues, trends, and overall risk posture.

Qualifications:

• Bachelor’s degree in Information Security, Information Technology, Risk Management, or related field (or equivalent experience).
• 5+ years of experience in technology risk management, cybersecurity, or information security.
• 2+ years of people management or leadership experience.
• Strong understanding of GRC frameworks, tools, and methodologies (e.g., Archer, ServiceNow GRC, OneTrust).
• Knowledge of regulatory and industry frameworks (e.g., NIST CSF, NYDFS 23 NYCRR 500, SOC 2, PCI).
• Proven ability to manage complex, cross-functional initiatives and communicate effectively with technical and non-technical stakeholders.
• Demonstrated ability to identify, evaluate, and remediate technology and cybersecurity risks.
• Strong analytical and organizational skills, with the ability to interpret risk data and provide meaningful insights to leadership.

Who we Are

OneMain Financial (NYSE: OMF) is the leader in offering nonprime customers responsible access to credit and is dedicated to improving the financial well-being of hardworking Americans. Since 1912, we’ve looked beyond credit scores to help people get the money they need today and reach their goals for tomorrow. Our growing suite of personal loans, credit cards and other products help people borrow better and work toward a brighter future.

Driven collaborators and innovators, our team thrives on transformative digital thinking, customer-first energy and flexible work arrangements that grow lives, careers and our company. At every level, we’re committed to an inclusive culture, career development and impacting the communities where we live and work. Getting people to a better place has made us a better company for over a century. There’s never been a better time to shine with OneMain.

Because team members at their best means OneMain at our best, we provide opportunities and benefits that make their health and careers a priority. That’s why we’ve packed our comprehensive benefits package for full- and some part-timers with: 

• Health and wellbeing options including medical, prescription, dental, vision, hearing, accident, hospital indemnity, and life insurances 
• Up to 4% matching 401(k)   
• Employee Stock Purchase Plan (10% share discount)   
• Tuition reimbursement   
• Paid time off (15 days’ vacation per year, plus 2 personal days, prorated based on start date) 
• Paid sick leave as determined by state or local ordinance, prorated based on start date 
• Paid holidays (7 days per year, based on start date) 
• Paid volunteer time (3 days per year, prorated based on start date)