Head of Technology and Operations Risk (1LOD)
The Head of Technology & Operations Risk will lead the first line of defence (1LOD) risk function, responsible for establishing, executing, and continuously enhancing the risk and control framework across Technology and Operations. The role ensures that technology, operational, and cyber risks are effectively identified, assessed, and managed, enabling innovation and operational excellence while maintaining resilience and regulatory compliance.
This is a strategic leadership position requiring strong partnership with engineering, operations, cybersecurity, enterprise risk, and audit teams. The ideal candidate combines deep technical fluency with risk management acumen and proven experience influencing senior stakeholders across a complex, global organization.
Key Responsibilities :
Risk Governance & Framework Development
- Lead the design and implementation of the Technology & Operations risk management framework, aligned to enterprise risk policies, regulatory expectations, and industry best practices (e.g., MAS TRM, BNM RMiT, ISO 27001, NIST, COBIT).
- Establish robust governance processes, including risk committees, issue escalation, control testing, and key risk indicator (KRI) monitoring.
- Develop and maintain the 1LOD control environment to ensure risks are managed within defined risk appetite.
Technology Risk Oversight (Cloud, SDLC, Infrastructure)
Oversee risk management for cloud transformation initiatives, hybrid infrastructure, and application development lifecycles (Agile, DevSecOps, CI / CD).Ensure secure-by-design practices are embedded across the SDLC and that key risks in automation, data, and third-party services are proactively mitigated.Challenge and guide technology teams on design decisions, resilience, and operational readiness.Operations Risk Management
Drive operational risk governance for core processes such as service delivery, outsourcing, change management, and business continuity.Lead thematic reviews on key operational risk areas, ensuring effective mitigation and remediation.Partner with Operations leadership to strengthen control design, assurance, and incident management practices.Regulatory & Audit Engagement
Ensure readiness for regulatory inspections and internal / external audits; coordinate responses and follow-through on remediation plans.Maintain oversight of regulatory developments in technology and operational risk across key jurisdictions; assess impact and ensure compliance.Serve as primary liaison for technology and operations risk topics with enterprise risk, compliance, and audit functions.Leadership & Culture
Build, lead, and develop a high-performing team of risk professionals across geographies.Promote a proactive, business-enabling risk culture within Technology and Operations.Provide thought leadership on emerging risks, such as AI governance, digital resilience, and supply chain risk.Key Requirements :
Bachelor's or Master's degree in Information Technology, Computer Science, Engineering, or related field.15+ years of experience in Technology Risk, Operational Risk, or IT Governance, with at least 5 years in a leadership capacity.Strong knowledge of technology and operational risk principles across cloud, infrastructure, and enterprise operations.Proven experience operating in a 1st Line of Defence capacity, managing complex control environments and leading cross-functional risk initiatives.Deep understanding of financial services regulatory frameworks (e.g., MAS TRM, BNM RMiT, HKMA TM-G-1, ISO / NIST).Excellent stakeholder engagement and influencing skills; able to balance governance with business enablement.Willingness to relocate internationally for the right opportunity.To apply :
If you're interested to apply or find out more, please share your CV or reach out to Chen Yi at for a discussion. Due to anticipated high volume of applications, we regret to inform that only shortlisted candidates will be notified.
Reg : R
Lic : 16S8060
#J-18808-Ljbffr
