Vice President, Regional Technology Risk Manager

Requirements

• Bachelor's degree or higher in Computer Science, Information Technology, Engineering, or a related technical discipline.
• Minimum 10 years of relevant experience in Technology Risk, IT Governance, IT Controls, Technology Assurance, or Information Security Governance, with at least 7 years in the financial services industry.
• Strong understanding of regional regulatory frameworks and guidelines, including MAS TRM, MAS Cyber Hygiene, BNM RMiT, RBI Master Directions and broader APAC technology risk expectations.
• Proven ability to identify technology risks, assess control effectiveness, and recommend practical and sustainable remediation measures.
• Solid knowledge of cyber risk management practices and industry-standard controls.
• Excellent communication, presentation, and stakeholder management skills, with the ability to engage effectively with senior stakeholders, including C-suite executives, across diverse technology domains.
• Experience in delivering security awareness or risk training programmes within an organisation is an advantage.
• Strong analytical and critical thinking capabilities, with the ability to operate both strategically and tactically in a dynamic environment.
• Relevant professional certifications such as CISSP, CISM, or CRISC.
• Experience leveraging advanced technologies (e.g., agentic AI, Machine learning) and data visualisation tools to enhance reporting efficiency and streamline manual processes.

Additional Information

Lead and support regional regulatory compliance initiatives, including gap analyses against requirements such as MAS Cyber Hygiene, MAS TRM, and BNM RMiT, as well as responding to regulatory circulars and questionnaires. Oversee IT GRC activities across APAC entities, including consolidation of risk reporting, support for internal and external audits, and review of risk acceptance requests. Act as the primary liaison for technology risk matters during major audits, facilitating effective communication between auditors and technology/operational teams. Where necessary, provide independent challenge to audit observations to ensure accuracy, context, and fair representation of risks, while supporting timely and appropriate remediation actions. Serve as a trusted advisor to technology teams on risk, control, and regulatory matters, and partner with stakeholders to remediate identified technology risks. Coordinate and facilitate control self-assessment (CSA) activities, including performing independent control testing where required and assessing the adequacy of control design and documentation. Provide effective first-line challenge (1LOD) to technology units on risk identification, prioritisation, and remediation, and deliver risk opinions and recommendations to IT management and second line of defence (2LOD). Support 2LOD in strengthening risk governance practices, including the development of Key Risk Indicators (KRIs), enhancement of the Technology Risk Management framework, and ongoing monitoring and reporting. Maintain and enhance IT policies, standards, and procedures under the team's ownership to ensure alignment with regulatory and organisational requirements.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at SUMITOMO MITSUI BANKING CORPORATION Singapore Branch? Share your experience