Technology Controls Manager, Dublin

Location: Central Park – Hybrid working 3 days in office.

Title: Technology Controls Manager

Do you want to work in the the ever-evolving environment of resilience and be part of transforming the Bank’s technology control environment, driving innovation and resilience across cutting-edge digital platforms?

Summary of role:

This role sits within the Digital Controls team in Enterprise Security and Resilience, part of Enterprise Delivery. The Technology Controls Manager is accountable for designing, implementing, and continuously improving the enterprise-wide technology control environment. This role ensures technology risks are identified, assessed, controlled, and monitored across change and run functions—covering infrastructure, cloud, applications, data, platforms, and third parties. You will lead a multidisciplinary team to drive control effectiveness, quality by design in delivery, and regulatory compliance, while enabling speed and resilience in digital transformation.

The role involves ensuring that the Bank complies with relevant regulatory requirements and internal standards, while identifying and addressing potential risks to the business.

We're looking for someone who can:

• Define and execute the Technology Controls Strategy, aligned to enterprise risk appetite and change priorities.
• Own the Technology Control Framework and Control Library mapped to standards (e.g., NIST CSF, ISO 27001/2, ISO 20000, ISO 22301, COBIT, CIS, CSA CCM).
• Chair Tech Risk & Controls Forums, ensuring transparent risk reporting to ExCo/Boards.
• Set policy and standards for technology risk, secure SDLC, change control, resilience, data protection (in partnership with DPO), and third-party risk.
• Embed controls by design into delivery pipelines
• Drive automation of controls (policy-as-code, IaC guardrails, SAST/DAST/SCA, secrets management, baseline configs, drift monitoring).
• Maintain registers for risks, issues, control effectiveness, and action plans with executive reporting and KRIs/KCIs.
• Partner with Operations and Cyber to ensure resilience for important business services

What you will bring:

• 6+ years in technology risk/controls, cyber, or engineering;
• Holds a Bachelor’s Degree in Computer Science / IT Security or has relevant industry experience.
• Demonstrates excellent leadership, organizational, and interpersonal skills.
• Ability to generate Board digestible Security reports.
• Strong knowledge of cloud platforms, modern architectures (microservices, APIs, containers), and DevSecOps.

The following certifications are desirable though not essential:

• CISSP, CISM, CRISC, CGEIT, CISA, ISO 27001 Lead Implementer/Lead Auditor, SABSA, CCSP, AWS/Azure/GCP security, ITIL, COBIT

Why Work for AIB:

We are committed to offering our colleagues choice and flexibility in how we work and live and our hybrid working model enables our people to balance their time between working from home and their designated office, subject to their role, the needs of our customers and business requirements.

Some of our benefits include;

• Market leading Pension Scheme
• Healthcare Scheme
• Variable Pay
• Employee Assistance Programme
• Family leave options
• Two volunteer days per year

Please click here for further information about AIB’s PACT – Our Commitment to You.

As part of the selection process, the successful applicant will be expected to demonstrate the AIB Behaviours and ability in the Behavioural and Technical Capabilities reflected below.

Please note that the capabilities will only be asked at interview stage.

Behavioural Capabilities:

Vision & Purpose Led: Inspires others by connecting actions to the organisation’s vision and strategic goals, motivating teams to deliver meaningful outcomes.

Ensures Accountability: Takes ownership of decisions and results, holding self and others responsible for meeting commitments and maintaining high standards.

Drives Progress: Proactively tackles challenges, champions change, and delivers improvements to advance the organisation’s objectives.

Technical Capabilities:

Breadth of Technical Knowledge: Demonstrates strong understanding of cyber security principles and risk management.

Internal Control Design: Designs and evaluates controls to mitigate risks and ensure compliance.

External

If you are not sure about your suitability based on any aspects of the role advertised, we encourage you to please contact the Recruiter for this role Sarah, at careers@aib.ie  for a conversation

Application deadline: Monday 12th January .