Position Title: Risk & Controls Project Manager (Agile SDLC / IT Lifecycle Controls)
Duration: 12-month contract
Location: Plano, TX 75024
Job Description:
Role summary
The Risk & Controls Project Manager leads cross-functional initiatives to define, implement, and sustain risk and control policies across technology domains spanning application delivery (Agile SDLC) and IT hardware lifecycle (procurement, build, deploy, maintain, retire). The role drives consistent control adoption across teams, ensures measurable compliance, and partners with Technology, Risk, Compliance, Cyber, and Audit stakeholders to reduce operational risk while enabling efficient delivery.
Key responsibilities
- Program / project leadership: Plan and execute a portfolio of risk and control initiatives, managing scope, milestones, dependencies, RAID, and executive reporting.
- Control policy execution: Translate policy/control requirements into actionable standards, procedures, and implementation plans across applications and IT asset lifecycles.
- Agile SDLC controls integration: Embed control requirements into Agile ceremonies and delivery practices (e.g., definition of done, CI/CD gates, testing, release, change, incident/problem, vulnerability remediation).
- IT hardware lifecycle controls: Drive controls across asset intake, inventory, configuration, patching, secure build, decommissioning, and disposal; partner with infrastructure and asset management teams.
- Stakeholder management: Coordinate across product owners, engineering, infrastructure, cyber, risk, compliance, and audit to align priorities and remove delivery blockers.
- Evidence and assurance: Define documentation and evidence expectations; support control testing, audits, and issue remediation (including action plans, validation, and closure).
- Metrics and continuous improvement: Establish KPIs/KRIs and control health dashboards; analyze control exceptions and trends; implement sustainable process improvements.
- Governance & communication: Facilitate working groups, steering committees, and design reviews; maintain clear communications and decision logs.
Required qualifications
- Experience as a Project/Program Manager delivering risk, controls, or governance initiatives in a technology environment.
- Strong knowledge of Agile SDLC concepts and how controls map into product/engineering delivery.
- Familiarity with technology control domains (e.g., access management, change/release, secure configuration, vulnerability/patch management, asset management, logging/monitoring, third-party or procurement controls).
- Proven ability to manage complex, multi-stakeholder workstreams and drive outcomes through influence.
Preferred qualifications
- Experience working with infrastructure / end-user / data center / network teams on IT asset and hardware lifecycle processes.
- Exposure to common control and risk frameworks (e.g., NIST, ISO 27001, COBIT) and audit/testing lifecycle.
- Tooling familiarity (examples): Jira/Confluence, ServiceNow, GRC platforms, CI/CD tooling, asset inventory/CMDB.
- Certifications (nice to have): PMP/PMI-ACP, CSM/SAFe, ITIL, CRISC/CISA.
Core competencies
- Delivery rigor (planning, dependency management, RAID, executive-ready reporting)
- Control-minded execution with pragmatic, engineering-friendly implementation
- Clear written communication and ability to translate policy into buildable requirements
- Data-driven management (metrics, dashboards, remediation tracking)
- Strong facilitation and conflict resolution across diverse technology teams
About AgreeYa:
AgreeYa is a global systems integrator delivering a competitive advantage for its customers through software, solutions, and services. Established in 1999, AgreeYa is headquartered in Folsom, California, with a global footprint and a team of 1,800+ professionals across offices. AgreeYa works with 550+ organizations ranging from Fortune 100 firms to small and large businesses across industries such as Telecom, Banking, Financial Services & Insurance, Healthcare, Utility & Energy, Technology, Public Sector, Pharma & Biotech, Retail, Client, and others. Please visit us at for more information.
Equal Opportunity:
AgreeYa is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, gender identity, sexual orientation, national origin, disability, veteran status or other protected characteristics. Visit our website at to learn about our Career & Culture.