VP, Technology Risk and Controls

We are seeking an experienced Technology Risk & Controls lead to join the first-line governance and controls function within a highly regulated financial services environment. This role will be responsible for strengthening technology and cybersecurity risk management practices, driving regulatory compliance, overseeing control effectiveness, and partnering with technology stakeholders to improve the organisation's overall risk posture.

The successful candidate will play a key role in technology risk governance, control assessments, audit and regulatory engagement, policy oversight, and risk reporting, while supporting continuous improvement initiatives across technology and cybersecurity domains.

Key Responsibilities:

Technology Risk Management

• Drive ongoing review and assessment of technology and cybersecurity risks across the organisation.
• Facilitate risk and control self-assessments and identify emerging technology risks arising from business, operational, regulatory, or technology changes.
• Develop and maintain meaningful risk metrics, dashboards, and reporting to provide management visibility into technology and cyber risk exposure.
• Support the development and enhancement of technology risk frameworks, methodologies, and governance processes.

Governance & Controls

• Oversee the governance of technology policies, standards, procedures, and control documentation to ensure they remain current and aligned with regulatory requirements.
• Assess the effectiveness of technology and cybersecurity controls and recommend improvements where necessary.
• Promote a strong technology risk and cybersecurity culture through awareness, engagement, and continuous improvement initiatives.

Audit & Regulatory Compliance

• Partner with internal audit, external audit, risk, compliance, and regulatory stakeholders on technology and cybersecurity-related matters.
• Coordinate audit activities, manage remediation efforts, and track closure of audit findings.
• Support the implementation and monitoring of compliance programmes to ensure adherence to relevant regulatory requirements and industry standards.
• Monitor regulatory developments and assess their impact on technology risk management practices.

Technology & Cyber Risk Oversight

• Partner with technology, cybersecurity, and business stakeholders to identify, assess, and manage technology and cyber risks.
• Support oversight of third-party and vendor risk management activities.
• Drive initiatives to improve cybersecurity resilience, vulnerability management, and technology risk visibility.
• Provide management reporting and recommendations to senior stakeholders on technology and cyber risk matters.

Requirements:

• Degree in Information Technology, Computer Science, Cybersecurity, Risk Management, Audit, or a related discipline.
• At least 8 years of experience in technology risk, cybersecurity governance, IT controls, audit, compliance, or risk management within financial services or other regulated environments.
• Strong understanding of technology risk management frameworks, governance processes, and control assessment methodologies.
• Experience supporting audits, regulatory reviews, and remediation programmes.
• Familiarity with cybersecurity and technology risk frameworks such as NIST, ISO 27001, CIS Controls, or equivalent.
• Knowledge of cloud risk management, third-party risk, vulnerability management, and cybersecurity governance practices.
• Relevant certifications such as CISA, CISM, CRISC, CISSP, or equivalent would be advantageous.
• Experience with data analytics, risk reporting, and dashboarding tools would be beneficial.

To apply:

If you're interested to apply or find out more, please share across your CV or reach out to Chen Yi via LinkedIn or at [Confidential Information] for a discussion. Due to the confidential nature of this search, we regret to inform that only shortlisted candidates will be notified.

Reg: R1876389

Lic: 16S8060