Senior Vice President/Vice President, Specialist, Technology Risk - Applications, Risk Manageme[...]

The Senior Vice President will play a strategic role in overseeing the technology risk posture across the Bank’s technology ecosystem. The role is responsible for providing independent risk oversight, challenge and thematic insights to ensure technology risks are well-managed within the Bank’s risk appetite, and that the technology risk framework remains effective and compliant with regulatory expectations. The ideal candidate combines deep technical understanding with strong governance, communication, and board-level reporting capabilities.

• Risk Oversight and Assurance
  • Provide independent, senior-level challenge and oversight to ensure technology risks are effectively managed across all major programs, initiatives, and the entire technology landscape, with a keen focus on resilience and reliability.
  • Maintain and continuously enhance the technology risk framework, ensuring alignment with the Bank’s risk taxonomy and regulatory requirements.
  • Lead and validate Risk and Control Self-Assessments (RCSA) across diverse technology domains, ensuring comprehensive identification, assessment, and effective control of risks.
  • Conduct thematic reviews and deep dives (e.g., DevOps, AI/ML, third-party risks, Site Reliability Engineering (SRE) practices) to identify systemic issues and emerging threats.
  • Proactively identify and assess emerging technology risks, including those related to disruptive technologies (e.g., AI/ML, quantum computing, advanced analytics, and automation), developing appropriate mitigation strategies.
  • Oversee incident response reviews, recovery assurance and ensure robust operational resilience in line with regulatory expectations and business continuity objectives.
  • Support regulatory inspections and audit response for technology matters.

• Drive development of board-level risk memos, translating technical risk into business impact and actionable recommendations.
• Present and discuss key risk themes and emerging issues with senior management and Board sub-committees.

• Advise technology, operations and business stakeholders on risk design, mitigation plans, residual risk and control enhancement.
• Coordinate with audit, compliance, and other control functions to maintain integrated assurance coverage.
• Actively influence culture, embedding risk discipline in technology delivery practices and engineering mindsets.

• 15+ years of experience in technology risk, IT audit, or comparable roles in financial services.
• Hands-on experience with Risk and Control Self-Assessments (RCSA), risk frameworks, thematic assurance reviews.
• Excellent written and verbal communication skills, including the ability to craft concise, board‑level memos.
• Deep familiarity with key regulatory requirements and guidelines (e.g., MAS TRM, MAS 658, HKMA), and other relevant international standards.
• Proven leadership ability and credibility to engage senior stakeholders and influence across functions.
• Relevant professional certifications such as CISM, CISA, CRISC, CISSP, or equivalent is preferred.
• Demonstrated experience operating effectively within Agile and DevOps development environments, understanding the associated risk profiles, control requirements, and embedding risk management throughout the SDLC.
• Experience working on Data, AI and/or Machine Learning engineering is a plus
• Experience working in a Technology Service Management role is a plus
• Experience working in a complex, multi-national or regional banking environment is a plus.