Head of Technology Risk Management
Position Summary
The Head of Technology Risk Management will lead the design, development, and execution of a comprehensive Information Risk Management Framework for a prominent financial institution. This executive will chair the internal Information Risk Committee, serve on the Enterprise Risk Management Committee, and regularly report to the Board's Risk Committee.
This role is responsible for establishing and maintaining risk management policies and controls that ensure compliance with applicable banking laws and regulations. The leader will provide strategic guidance to first-line teams, collaborate with senior executives across the organization, and serve as a key liaison with regulatory bodies.
Key Responsibilities
- Implement and oversee the enterprise-wide Information Risk Management framework for technology functions.
- Develop and maintain IT risk policies and standards, in coordination with Information Security and Business Continuity teams.
- Lead regulatory exam readiness and ensure consistent documentation and control practices across technology operations.
- Manage policy exceptions and risk acceptances within the governance framework, ensuring regular review and alignment with risk appetite.
- Drive the development of integrated, automated risk reporting processes to support enterprise-level risk aggregation and oversight.
- Identify material risks in collaboration with technology teams and establish procedures and standards to mitigate those risks.
- Educate process owners on control design, testing, and performance metrics (KPIs/KRIs).
- Maintain and evolve the organization's technology process taxonomy and its integration with the central GRC platform.
- Align risk and audit practices with agile operating models and influence enterprise-wide risk appetite definitions.
- Serve as the escalation point for non-compliance issues and monitor resolution progress.
- Partner with legal and compliance to track new regulatory requirements and ensure timely implementation.
- Collaborate on regulatory exam responses and ensure alignment with enterprise risk and legal teams.
Qualifications
- Bachelor's degree in a relevant field required.
- Minimum of 15 years of experience in risk or audit functions within the banking sector.
- At least 10 years of leadership experience, including IT project management.
- Strong analytical skills with the ability to synthesize complex data into actionable insights.
- Deep understanding of technology and emerging trends in regulatory compliance.
- Excellent communication skills, with the ability to engage across all levels of the organization and with external stakeholders.
- Ability to explain risk concepts clearly to operational teams and resolve conflicting viewpoints effectively.
- Professional certifications such as CISA or CISSP are preferred.