VP, Technology Risk Management

The Role

Our client, a major financial institution with a significant regional footprint, is looking for a VP-level technology risk professional to join their Technology Risk Management function. The role operates in a first-line capacity with a strong governance and assurance mandate — sometimes referred to as a "line 1.5" function — where you will be expected to independently challenge, govern, and strengthen risk practices across the technology and operations division.

This is not a policy-writing or checkbox compliance role. You will need genuine technical depth to credibly interrogate infrastructure and application risks, sharp judgement to make timely calls during live incidents, and the communication sophistication to engage regulators and senior leadership with precision.

What You Will Do

• Own end-to-end oversight of technology risk governance across the institution's technology and operations environment — identifying gaps, driving remediation, and ensuring risk exposure stays within appetite
• Act as a credible technical challenger to operational teams: reviewing the adequacy of technology controls, processes, and architectures, and holding teams accountable for the quality and sustainability of their risk responses
• Lead incident oversight during high-severity and material technology events — this includes 24/7 availability to investigate, assess impact, and produce precise, concise reports for senior management and regulators within tight deadlines
• Serve as the primary point of contact for regulatory engagement on technology risk and incident matters; frame responses strategically and ensure submissions are accurate, complete, and defensible
• Monitor the technology risk landscape — tracking incidents, audit findings, regulatory breaches, and emerging issues — and ensure timely escalation with well-defined remediation plans and clear ownership
• Produce risk reporting and governance materials for senior leadership and board-level committees, including trend analysis, key risk indicators, and thematic insights
• Collaborate across a wide network of internal stakeholders — spanning technology, operations, compliance, and second-line risk functions — to drive a consistent and robust approach to technology risk management
• Support the operationalisation of new regulatory requirements related to technology risk, incident reporting, and operational resilience
• Cultivate risk awareness and a strong risk culture across the technology division through guidance, challenge, and ongoing engagement

What You Bring

• At least 10 years of experience in technology risk, IT audit, or related disciplines, with a minimum of 5 years in a banking or regulated financial services environment
• Sufficient technical depth to independently assess and challenge the adequacy of technology processes, controls, and architectures — including core banking systems, digital channels, payment infrastructure, and cloud or hybrid environments
• Proven experience managing or overseeing technology incidents at scale, with the ability to operate calmly and decisively under pressure and produce clear, accurate reporting within constrained timeframes
• Hands-on familiarity with Singapore's financial regulatory environment, including MAS Technology Risk Management Guidelines, Cyber Hygiene Notices, Outsourcing Guidelines, and incident reporting frameworks
• Demonstrated ability to engage directly with regulators — preparing responses, managing queries, and navigating supervisory interactions with professionalism and strategic clarity
• Strong stakeholder management skills across a complex, matrixed organisation; able to influence without authority and maintain credibility at senior levels
• Excellent written and verbal communication — including the ability to translate technical risk issues into concise, decision-ready narratives for non-technical audiences
• Experience with third-party and outsourcing risk governance is an advantage
• Professional certifications such as CRISC, CISA, CISM, or CISSP are advantageous

Who Will Thrive Here

This role suits someone who wants to be closer to the action — where decisions have real-time consequences. You are comfortable being on call, you can shift between strategic thinking and operational detail without losing altitude, and you take pride in the quality and precision of your output. If you want a role with genuine visibility, genuine accountability, and genuine impact, this is it.