Head of Technology Governance

We are seeking an experienced and strategic leader to join our client's organization as the Head of Technology Governance. In this critical role, you will be responsible for establishing and leading the governance framework that ensures the effective management of technology-related risks and the alignment of IT activities with the organization’s strategic objectives. This role involves overseeing IT policies, standards, and procedures, ensuring compliance with regulatory requirements, managing third-party risks, and fostering a culture of accountability and continuous improvement within the technology function. The Head of Technology Governance will collaborate closely with senior leadership, risk management, compliance, and IT teams to ensure that governance practices are integrated into all aspects of the organization’s technology operations.

Key Responsibilities:

Risk Management:

• Identify, assess, and manage technology-related risks, ensuring they align with the organization’s risk appetite and mitigation strategies.
• Collaborate with the risk management team to conduct regular risk assessments and audits of IT systems, processes, and third-party vendors.

Compliance and Regulatory Oversight:

• Ensure compliance with relevant laws, regulations, and industry standards (e.g., GDPR, SOX, ISO 27001).
• Lead the organization’s response to IT audits and regulatory examinations, providing necessary documentation and evidence of compliance.

Policy and Procedure Management:

• Oversee the creation, review, and updating of IT policies, procedures, and guidelines.
• Ensure that IT policies are communicated effectively across the organization and adhered to by all employees.

Incident Management:

• Develop and implement comprehensive incident management processes to ensure timely and effective response to IT incidents, security breaches, and operational disruptions.
• Oversee root cause analysis, remediation efforts, and post-incident reviews to prevent future occurrences and enhance overall resilience.

Third-Party Risk Assessment:

• Lead the assessment and management of risks associated with third-party vendors and service providers.
• Establish and maintain a robust third-party risk management framework, including due diligence processes, ongoing monitoring, and periodic reviews.
• Ensure third-party vendors comply with the organization's IT governance standards and regulatory requirements.

Performance Monitoring and Reporting:

• Develop and track key performance indicators (KPIs) and metrics to monitor the effectiveness of technology governance practices.
• Prepare and present regular reports to senior management, the board of directors, and relevant committees on IT governance, risk management, compliance activities, and third-party risk status.

Stakeholder Engagement:

• Act as a liaison between the IT department and other business units to ensure alignment of technology initiatives with business goals.
• Collaborate with senior leadership to drive technology strategy and innovation while ensuring robust governance and risk management.

Qualification:

• At least 8-12 years of experience in IT governance, risk management, compliance, or a related field.
• Proven experience in developing and implementing IT governance frameworks, managing technology-related risks, and handling third-party risk assessments.
• Experience in incident management, application security risk review, and working with regulatory bodies and handling IT audits.
• Relevant certifications such as CISM, CRISC, CGEIT, ITIL, COBIT, or CISSP are highly desirable.
• Strong understanding of IT governance principles, risk management practices, application security, and regulatory compliance requirements.
• Excellent leadership, communication, and interpersonal skills.
• Ability to influence and collaborate with senior management and cross-functional teams.
• Analytical mindset with strong problem-solving skills.

MORGAN MCKINLEY

EA Licence No: 11C5502

Registration No: R1106192