AVP Enterprise Risk (Technology)

We are ADDX, the entry point into private markets, and we aim to democratize private market investments. As a team, we strive to build a future where everybody can access financial ecosystems easily, fairly, and safely. Our team’s belief is real economies benefit when capital flows freely and efficiently, especially in the private market space.

• We have built the world’s first fully regulated platform for digital securities, licensed by the Monetary Authority of Singapore (MAS).
• ADDX is a global private market exchange headquartered in Singapore. To date, ADDX has listed more than 60 deals on its platform and worked with blue‑chip names such as Hamilton Lane, Partners Group, Investcorp, Singtel, UOB, CGS‑CIMB, as well as Temasek‑owned entities Mapletree, Azalea, SeaTown and Fullerton Fund Management.
• The full‑service capital market platform has raised a total of US$140 million in funding since its inception in 2017.
• We are backed by companies such as Singapore Exchange (SGX), the Stock Exchange of Thailand (SET), Temasek subsidiary Heliconia Capital, Japan Investments Corporation, the Development Bank of Japan (DBJ), UOB, KB Securities, Tokai Tokyo Financial Holdings and Hamilton Lane.

We are growing, and we are looking for talented individuals to join our team and take us forward as the leader of the private market. If you believe in a future of fair financial markets, just like we do, we’ve been waiting for you at ADDX.

We are seeking a highly motivated and experienced AVP, Enterprise Risk (Technology) to join our Risk team. This role is pivotal in strengthening our enterprise risk management posture, with a strong focus on technology governance, resilience, and compliance. You will play a key role in shaping risk frameworks, driving oversight initiatives, and supporting strategic risk reporting.

- Review and enhance Enterprise Risk Frameworks, Policies, Guidelines, and Procedures.

- Propose and support the development of oversight, testing, and technology resilience roadmaps.

- Serve as secretariat for the Company Risk Steering Committee, including development of agenda, minutes, and follow‑ups.

- Lead the review and assessment of MAS Technology Risk Management compliance and self‑attestation.

- Test and evaluate the effectiveness of technology risk controls.

- Maintain and manage the Enterprise Risk Register, Risk Deviations Register, and Outsourcing Risk Register.

- Oversee Business Continuity Management (BCM) and Incident Response (IR), with a focus on technology resilience and recovery strategies.

- Plan and conduct Tabletop exercises to test effectiveness of BCM, incidents and crisis response.

- Collaborate with Information Security to identify, propose, and monitor Technology and InfoSEC Key Risk Indicators (KRIs) and Key Control Indicators (KCIs).

- Assist in the procurement of Internal Audit or other certification vendors (e.g., Internal Audit, SOC 2, ISO 27001) and coordinate audit activities.

- Conduct training sessions on Business Continuity Planning and Incident Response for staff.

- Mentor and train interns on ERM and BCM principles and practices.

- Support the development and implementation of an in‑house ERM Reporting and Dashboard system.

In addition to the above, the candidate may be required to perform other duties and roles as reasonably assigned from time to time to support the enterprise risk function.

- Bachelor’s degree in a relevant field (e.g., Information Systems, Risk Management, Business).

- 5–7 years of experience in risk management, with a strong focus on technology risk.

- Professional certification in risk management (e.g., CPRM, CRMP) is highly preferred.

- Strong familiarity with MAS Technology Risk Management Guidelines and regulatory expectations is highly preferred.

- Strong analytical skills and a collaborative, team‑oriented mindset.

- Proficiency in MS Office Suite, MS PowerPoint, Canva, and MS Power BI.