Technology Governance & Risk Skills (P-118)
SMASH, Who we are?
We are agents for tech professionals in Costa Rica and Colombia that help them build careers in the United States.
We believe in long-lasting relationships with our talent. We invest time getting to know them and understanding what they seek as their professional next step.
We aim to find the perfect match. As agents, we pair our talent with our US clients, not only by their technical skills but as a cultural fit. Our core competency is to find the right talent fast.
We purposefully move away from the “contractor” or “outsourcing” type of relationship. Our clients don’t want contractors or “just a service.” Neither does our talent.
Our Benefits
- Wellness Coverage
- Remote Work
- Birthday day off
- Recognition and rewards system
- Referrals Program
- Business skill coaching
- English classes for Smashers and relatives
- Learning opportunities
This is a remote position for Costa Rica and Colombia.
This position is Remote to work with a US Company; you will require to have Citizenship or a work permit from Costa Rica or Colombia to apply for this role.
Job Description:
Technology Governance & Risk Skills
- IT Risk Identification & Control Mapping
Identify operational and IT risks and map them to controls within business processes, consistent with NCUA or FFIEC’s risk identification and mitigation framework. - Policy & Standards Execution
Apply and enforce IT policies, standards, and procedures within operational teams, ensuring alignment with governance expectations. - Operational Control Validation
Validate the effectiveness of operational controls (e.g., access management, backup procedures, system monitoring) and document control performance. - Governance Reporting & Metrics
Produce governance-aligned reporting (e.g., KRIs, control effectiveness, risk trends) that supports management oversight and FFIEC examiner expectations. - Business Continuity & Resilience Awareness
Understand how technology risk intersects with business continuity, including awareness of NCUA regulations and/or FFIEC Appendix J for outsourced services and resilience planning.