Head of Divisional Controls

A Senior Technology Risk leadership background to work with the business stakeholders and the technology Risk teams includes identifying, assessing, and managing technology risks across infrastructure, applications, cloud, data, cybersecurity, third party services, and emerging technologies and able to understand the business needs

This role is responsible for working proactively in a team supporting the Company in its execution of risk management accountabilities and responsibilities.

The tasks or activities for which this role is responsible each day are set out in Group policies, standards and guidance notes and revolve around technical, operational and compliance event management, change risk management, remediation/response, risk and obligation profiling.

Advising business leaders on the application of the risk and compliance management framework to evaluate risks in order to achieve business outcomes.

Engaging and managing senior stakeholders to implement and improve business systems and processes through the use/integration of the risk and compliance framework.

Working with the business to implement systems and controls to manage the requirements of risk and compliance policies which apply to the business.

Risk profiling: assisting to identify key risks and design of indicators to monitor, input into Divisional Risk Setting Statements as relevant.

Designing controls: assisting to identify the right key controls to mitigate key risks and obligations applicable to the business in partnership with specialist controls team.

Providing guidance on risk and control items including Subject Matter Expertise for the following: Risks, Obligations Events, Change, and related Policies; Remediation action plans to address any control design or operating effectiveness gaps; Requisitions on

Management attestations, ensuring evidence is consolidated at a Sub-Divisional level;

Relevant Risk Management Forums and/or other risk related committees as required.

Engaging the relevant Enterprise Controls communities for expert assistance as appropriate.

Providing business specific input and context to: Risk deep dive reviews; Internal Audit reviews; Assurance reports; Action plans for ineffective operational controls.

Uplifting risk management maturity, culture and practices.

Assisting in regulatory responses and regulatory engagement matters.

Providing strategic guidance to the team on scope and approach for testing of controls

Assisting in regulatory responses and regulatory engagement matters

Deep understanding of technology and operational risk frameworks.

Ability to design and embed first-line risk controls aligned with Group standards.

Excellent time management and ability to multi-task and adapt to changing priorities.

Ability to conduct detailed technical assessment to uplift controls and processes in a fast-changing technology & business landscape.

Proven ability to perform and coach within in a high performing team.

Practical approach to solving issues with strong commercial acumen.

Exposure to the operations and technology teams and the challenges that they face.

Strong written and verbal communication skills.

Ability to influence colleagues and executives to take action to strengthen outcomes for colleagues and customers.

Ability to provide clear insights and recommendations on risk posture.

10+ years experience in technology and operational risk management.

5+ years in senior leadership roles managing risk in large, complex, cross-border organisations.

Operational experience in offshore / shared services models implementing 1LOD risk frameworks, and good understanding of offshore delivery models.

Experience in regulatory and compliance arrangements for offshore / shared services models with ability to design and implement technical and operational controls.

Working knowledge of SDLC, banking platforms, and system workflows

Proven ability to perform in a high performing team.

Tertiary qualification in a relevant technology/business-related discipline (or equivalent business/technology experience).

Relevant Risk and Controls Certifications will be highly regarded, e.g. CISSP, CISA, CRISC, etc

Post Graduate qualification desirable.

Attractive salary

20-day paid annual leave and 7-day paid sick leave

13th month salary and Annual Performance Bonus

Premium healthcare for yourself and family members

Monthly allowance for team activities

Premium welcome kit and occasional gifts of appreciation

Extra benefits on your work anniversary

Large scale products with modern technologies in banking domain

Clear roadmap for career advancement in both technical and leadership pathways

Access to digital learning platform such as Udemy

Consistent and high-quality leadership training through the Distinctive Leadership program (DLP)

Specialist capabilities and accreditations in key skill areas such as Cloud Engineering, Digital, Data, Security and SREs (Site reliability engineers)

Sponsored English course with native teachers

Opportunity for training in Australia

Hybrid working model and excellent work-life balance

State-of-the-art & modern Agile office

Food and beverages in the office pantry

Employee Assistance Program to improve your physical and mental health

Annual team activities and company events

A solid and talented team behind you - great people who love what they do

PEGASI – IT Recruitment Consultancy | Email: recruit@pegasi.com.vn | Tel: +84 28 3622 8666