VP/SVP, Technology Risk Management
Our client is a globally focused organisation committed to maintaining the highest standards of technology risk governance within a dynamic, innovation-driven environment. The company promotes a culture of continuous improvement, collaboration, and proactive risk management, making it an attractive workplace for professionals seeking to influence technological resilience and regulatory compliance at a senior level. This role involves leading the technology risk management function to oversee security, resilience, and regulatory adherence across infrastructure, applications, cloud, and cybersecurity domains. It offers the opportunity to shape risk strategies and work closely with senior stakeholders to ensure the organization’s technology landscape is secure and compliant.
Role Overview:
The VP/SVP of Technology Risk Management is responsible for establishing and maintaining the organisation’s technology risk governance framework. This senior role involves providing independent oversight, strategic risk advice, and ensuring effective risk monitoring and issue remediation. The position is crucial in safeguarding our client’s technological environment, supporting digital transformation initiatives, and maintaining regulatory integrity.
Key Skills & Experience:
- 8–12 years of relevant experience in Technology Risk, IT Audit, Cyber Risk, or related roles, preferably within financial services or regulated environments
- Proven experience in a second-line risk management or oversight position
- Familiarity with regulatory frameworks such as MAS TRM, ISO 27001, and NIST
- Knowledge of modern technology architectures (e.g., APIs, microservices, cloud-native environments) is advantageous
- Experience with data analytics, automation tools, or scripting is advantageous
- Bachelor’s degree in Information Technology, Information Systems, Computer Science, Cybersecurity, or related field
Key Responsibilities:
- Establish, implement, and enhance the Technology Risk Management framework across infrastructure, applications, cloud, cybersecurity, and resilience domains
- Define and operationalize risk appetite, KRIs, and tolerance thresholds for all technology risk areas
- Lead and support governance forums and committees, providing independent oversight and challenge
- Perform second-line independent review of technology and cybersecurity risks, evaluating decisions on system architecture, cloud adoption, cybersecurity posture, and disaster recovery
- Escalate risk exposures, control gaps, and breaches to senior management and committees
- Act as a strategic risk advisor to technology, product, and business teams, supporting early risk identification and embedding secure-by-design controls
- Oversee risk assessments across IT infrastructure, applications, cloud environments (e.g., AWS), and cybersecurity controls
- Develop continuous risk monitoring using data analytics and automation tools, translating technical findings into business insights
- Provide oversight and challenge across key cybersecurity domains such as IAM, vulnerability management, network security, data protection, and incident response
- Oversee the identification, tracking, and remediation of technology risk issues, ensuring sustainable and timely actions
- Support regulatory compliance and engagement activities, including interactions with regulators and auditors
- Identify and assess emerging technology risks, providing insights and mitigation recommendations to senior management
- Engage and influence senior stakeholders through risk-based reporting, dashboards, and key insights
From 20/03/2026, this is a full-time, on-site opportunity with a 2-year duration.
Interested candidates are encouraged to apply to join a forward-thinking organisation committed to technological excellence and risk management leadership.
