About Width
Width is an AI-native compliance platform that unifies KYC, KYB, AML, fraud detection, transaction monitoring, case management and regulatory reporting into a single connected system. Built on the foundations of an award-winning RegTech platform trusted by 500+ clients across 180+ jurisdictions, Width represents the next-generation evolution: deeper AI automation, a full risk lifecycle approach, and regulator-ready auditability by design.
We serve banks, fintechs, digital asset platforms, corporate service providers and other regulated businesses across APAC and globally.
The Role
We are looking for a Product Assurance & Governance Lead to own Width's release discipline, AI governance, regulatory monitoring and certification readiness — keeping the platform defensible, audit-ready and regulator-trusted as it scales across APAC and MENA.
Reporting to the Chief Product Officer and working closely with the CEO and CTO, you will operationalise the risk-tiered release gate process, build the AI model-governance function from the ground up, and run Width's certification roadmap — ISO 27001 is already held; ISO 27701, ISO 42001, SOC 2 Type II, IMDA AI Verify and MAS FEAT are next. This is a foundational hire that will shape how Width ships software safely at scale.
What You'll Do
Risk-Tiered Release Governance
- Operate the release gate process across Tier 1 / Tier 2 / Tier 3 changes — design approvals, evidence requirements, sign-off authorities and escalation paths.
- Own the go / no-go checklist for every production release, ensuring each change has traceable risk classification, test evidence, rollback plan and post-release monitoring.
- Partner with Engineering leads on secure SDLC and DevSecOps integration — shift governance left so releases are not held up at the gate.
- Lead post-incident reviews, extract systemic root causes and feed improvements back into the release process.
AI Model Governance
- Own the AI Model Inventory end-to-end: registration, versioning, risk classification (low / medium / high-impact), intended-use documentation and retirement.
- Define and run the revalidation cadence for every production model; operate drift monitoring, quality-regression tracking and fairness / bias evaluation in coordination with ML engineering.
- Manage the Model Assurance Agent — validate every automated output before it lands in release evidence, audit trails or regulator deliverables.
- Define human-in-the-loop checkpoints, guardrails and failure modes for every AI-powered feature, including incident-response workflows for agent failures, hallucinations and model drift events.
Regulatory Monitoring & Certification
- Maintain Width's regulatory register across APAC (MAS, HKMA, JFSA, RBI), MENA (SAMA, DFSA, VARA) and the Americas (FinCEN, OSFI); run impact assessments and feed obligations into the product roadmap ahead of enforcement deadlines.
- Drive Width's certification roadmap: ISO 27001 (security), ISO 27701 (privacy), ISO 42001 (AI management), SOC 2 Type II, IMDA AI Verify and MAS FEAT — own scoping, evidence packs, auditor liaison and remediation.
- Coordinate security and privacy governance controls in partnership with other functions — aligning SOC 2 scope with ISO 27001 + 27701 to minimise duplicated effort.
- Produce audit-ready evidence packs from scratch: control narratives, sample evidence, change logs and exception registers.
What We're Looking For
- 5+ years in risk, governance, compliance, audit or security engineering roles — ideally inside a regulated financial-services or SaaS environment.
- Demonstrated ability to operationalise abstract standards (ISO / SOC 2 / NIST / regulator guidance) into checklists, evidence packs and repeatable controls.
- Strong AI-governance literacy — risk classification, model evaluation artefacts, drift monitoring, bias testing, incident reporting. Comfortable reasoning about LLM-specific risks: hallucination, prompt injection, data leakage.
- Hands-on experience with ISO 27001 / 27701 and / or SOC 2 audit cycles — pre-audit preparation, live audit fieldwork and remediation.
- Familiarity with APAC regulatory frameworks (MAS, HKMA, FATF) and how they interact with product-level obligations; multi-jurisdiction experience is a strong plus.
- Exceptional documentation discipline — able to produce PRD-grade narratives, control descriptions and clean evidence trails without supervision.
- Excellent stakeholder management — comfortable engaging with engineering, product, security, external auditors and enterprise clients.
- Strong written and verbal communication in English; Mandarin is a plus given our North Asia expansion.
Nice to Have
- ISO 42001 or equivalent AI management-system implementation experience.
- IMDA AI Verify assessment methodology or MAS FEAT alignment work.
- Secure SDLC / DevSecOps experience — pipeline controls, SAST / DAST, SBOM management.
- Direct experience with MAS FinTech regulatory sandbox or equivalent.
- Exposure to model-risk management frameworks (SR 11-7, OCC 2011-12) adapted for ML / LLM systems.
- CISSP, CISM, CIPP/E, CIPM or equivalent governance / security certifications.
Why Width
- Foundational product leadership role — shape the product organisation and vision from the ground up
- Build AI-native compliance products used by 500+ businesses and 3,500+ compliance professionals daily
- Work with a leadership team with deep domain expertise across banking, insurance, consulting, and technology
- Company recognised as RegTech100 (4x), MAS FinTech Award winner, Chartis FCC50 Market Disruptor, and ISO/IEC 27001 certified
- High-growth company expanding across APAC — Singapore, Hong Kong, Taiwan, Korea, Japan