Head of IT Governance and Risk, Asia

Job description

IT Governance and Risk Management is a regional function in Asia responsible for technology governance across key pillars and for overseeing risk management. This function works closely with IT functions to foster a strong risk culture and awareness.

Tasks

- Lead the design, implementation, and ongoing improvement of the bank’s IT governance and risk framework, including policies, standards, and procedures for IT operations, changes, projects, outsourcing, and cloud computing, etc. - Monitor and evaluate the effectiveness of the first line of IT controls (e.g., access management, change management, incident/problem management, vulnerability and patch management, EUC governance, EOL technology), and drive the resolution of gaps

Your challenge

- Ownership and maintenance of the IT risk register; regular risk identification in collaboration with IT service providers, platform owners, and project owners; and ensuring that appropriate assessments, treatment plans, and timely closure of risk actions are carried out - Coordinate and execute key IT risk processes such as RSCAs, risk scenario analyses, and KRIs/KPIs, and provide clear, data-driven insights into technological and cyber risk exposure

Requirements

• Excellent communication and stakeholder management skills, with a proven track record of engaging auditors, regulatory authorities, and senior management on complex technological risk issues
• Proven ability to work at the senior level, influence senior stakeholders, challenge assumptions constructively, and drive change across multiple IT functions
• Extensive experience in IT governance, technology risk, or IT control roles in the banking sector, preferably in private banking or wealth management
• Strong understanding of MAS technology and operational risk expectations, as well as industry frameworks (e.g., ISO 27001, ITIL, COBIT) and cyber risk practices

We offer

No information available.