Business Technology Risk Advisor, VP

State Street Global Technology Services (GTS) is seeking an experienced Business Technology Risk Advisor – Vice President for the APAC region, based in Singapore. This individual will play a critical role in supporting the APAC CIO (based in Singapore) as well as country CIOs across APAC, acting as the local point of contact for the First Line Risk and Control (FLRC) function in the region.

Our technology division, Global Technology Services (GTS), is a key enabler for State Street, supporting our business with essential data and insights. As we drive digital transformation through technologies like cloud computing, artificial intelligence, and automation, we need talented professionals to help us manage risk and deliver innovative solutions tailored to the APAC region’s unique regulatory and business environment. The FLRC function partners with technology business lines and CIOs, acting as an independent advisor within the first line of defense. This APAC‑based VP role will work closely with the APAC Regional CISO and the regional head of Regulatory Management Services, supporting regional boards and business leadership, and ensuring alignment with both global and local risk management strategies.

Reporting Line: The role reports to the Regional FLRC Managing Director located in India. Key Stakeholders: The VP will support the APAC CIO (Singapore‑based), country CIOs across APAC, the APAC Regional CISO, and the regional head of Regulatory Management Services. Regional Point of Contact: Acts as the primary FLRC representative for the APAC region, ensuring effective communication and coordination between global risk functions and local business and technology leadership.

• Serve as the local FLRC point of contact for APAC, supporting the APAC CIO and country CIOs
• Support the development and implementation of process enhancements aligned with business objectives and regional requirements
• Assist in planning and executing projects aimed at risk reduction, with a focus on APAC‑specific risks
• Apply re‑engineering techniques to improve process efficiency and product quality
• Collaborate on metrics development and use data to drive performance improvements
• Partner with second and third lines of defense to ensure alignment with risk management and control goals
• Work closely with the APAC Regional CISO and regional head of Regulatory Management Services to address cybersecurity and regulatory risks
• Support regional boards and business leadership with risk insights and reporting

• Strong expertise in risk management, with a focus on APAC regional regulatory requirements
• Ability to partner with Technology leaders as a trusted advisor
• Experience in process optimization initiatives
• Understanding of regulatory remediation, especially in the APAC context
• Strong verbal and written communication skills, including experience presenting to regional boards and senior leadership
• Ability to operate effectively in a dynamic, fast‑paced, and multicultural environment
• Critical thinking, problem‑solving, and decision‑making skills to anticipate business, regulatory, and technological risk exposures
• Ability to articulate risk and control considerations to management
• Strong execution and program management skills
• Collaborative approach with the ability to engage multiple stakeholders across countries and cultures
• Competence in managing tasks through effective prioritization

• Understanding of SDLC methodologies including Agile, Waterfall, and DevOps
• Experience in managing and mitigating risks throughout the SDLC
• Ability to conduct risk assessments and audits during SDLC phases

• Knowledge of network architecture and infrastructure components
• Experience with cloud platforms such as AWS, Azure, or Google Cloud
• Ability to identify and address infrastructure security and performance risks

• Understanding of cybersecurity principles and practices
• Experience with risk management tools and software
• Analytical skills to interpret technical data and recognize potential risks
• Experience supporting risk mitigation strategies

• Demonstrated understanding of emerging risks associated with generative AI (Gen AI) and agentic AI, including:
• Awareness of potential threats such as data leakage, model bias, autonomous decision‑making, and regulatory compliance challenges
• Ability to assess, monitor, and advise on controls for AI‑driven systems and processes
• Staying current with industry trends, frameworks, and best practices for managing AI‑related risks

• RSA Archer
• ServiceNow ITSM

• Knowledge of COBIT for IT governance and management
• Familiarity with NIST frameworks for cybersecurity and risk management
• Understanding of ITIL for IT service management and risk mitigation

• Bachelor’s degree in Computer Science, Information Technology, IT Security, Risk Management, or related discipline required
• Advanced degree preferred
• Minimum of 10 years’ experience in risk management, auditing standards, and best practices, with at least 5 years in a leadership or advisory capacity
• Strong understanding of APAC regional regulatory requirements and experience supporting regional boards and business leadership

At State Street, we value diverse backgrounds and experiences. We encourage applications from candidates who demonstrate adaptability, innovative thinking, teamwork, and data‑driven decision‑making—even if not all qualifications are met.