We are seeking a dynamic and experienced Head of Technology Risk to lead our client's front-line technology risk function. This leadership role is critical in embedding a proactive risk culture across the technology organisation, ensuring risks are identified, assessed, mitigated, and monitored effectively in line with regulatory expectations and the firm's risk appetite.
You will be responsible for driving the operationalisation of risk management within Technology, partnering closely with Line 2 Risk, Internal Audit (Line 3), and key business stakeholders to safeguard the organisation's technology landscape while enabling innovation and agility.
Responsibilities :
Risk Governance & Strategy
- Lead a Line 1 Technology Risk function, acting as the primary risk partner to Technology leadership.
- Define and execute the Technology Risk strategy, aligned with the enterprise risk framework and business objectives.
- Champion a culture of ownership and accountability for risk within the Technology teams.
Risk Identification, Assessment & Mitigation
Own and manage the risk identification and assessment process for technology domains, including infrastructure, cloud, data, applications, DevSecOps, and AI.Drive timely and effective resolution of risk issues, incidents, and audit findings in collaboration with system owners.Conduct thematic risk reviews and deep dives on areas such as cloud transformation, resilience, third-party risk, AI / ML, and cybersecurity.Develop and maintain risk registers, Key Risk Indicators (KRIs), and control metrics.Produce regular risk dashboards and reports for senior management and governance committees.Escalate emerging risks and incidents in a timely manner, with actionable insights.Embed and continuously improve controls across SDLC, change management, access governance, incident response, and vulnerability management.Ensure compliance with regulatory requirements (e.g., MAS TRM, HKMA, PRA, EU AI Act), internal policies, and industry best practices.Lead control testing and readiness assessments for regulatory reviews and audits.Stakeholder Management & Leadership
Act as the key liaison between Technology and 2nd / 3rd Line Risk, Internal Audit, Compliance, and Regulators.Build strong partnerships with engineering, cybersecurity, data, and operations teams.Lead, mentor, and grow a high-performing Tech Risk team.Requirements :
10-15 years' experience in Technology Risk, Information Security, or IT Governance , ideally with exposure to Line 1 roles.Proven track record leading or building a Line 1 risk function in a regulated environment (e.g., banking, insurance, asset management)Strong leadership, communication, and stakeholder engagement skills.Ability to influence senior technology and business leaders with a collaborative, business-enabling approach.Comfortable presenting risk matters to executive committees and boards.If you're interested to apply or find out more, please share across your CV or reach out to Chen Yi at for a discussion.
#J-18808-Ljbffr
