Compliance, Conduct and Operational Risk

In this role, you'll help shape our resiliency strategy, collaborate with diverse teams, and ensure robust compliance with regulatory and internal standards. You'll be part of a dynamic environment where your expertise in risk management and technology resiliency will help safeguard our business and clients. If you're passionate about driving operational excellence and building strong risk frameworks, this is the opportunity for you.

As a Business, Operational and Technology Resiliency Risk Manager – Vice President in the Asia Pacific Compliance and Operational Risk team, you will oversee the design, implementation, and ongoing management of controls and risk management frameworks that support our ability to respond to disruptive events. You will work closely with business, control, and technology stakeholders to ensure compliance with regulatory, legal, and internal standards, and foster a strong culture of resiliency and risk management across the region.

Job Responsibilities:

• Drive identification, assessment, and management of resiliency risks, including technology, cyber, and third-party risks, in collaboration with global and APAC stakeholders.
• Support and challenge the design, execution, and evaluation of controls mitigating resiliency risks.
• Oversee risk identification for business and technology initiatives impacting resiliency in APAC.
• Monitor and evaluate the effectiveness of resiliency controls, identify gaps, and recommend enhancements.
• Provide subject matter expertise and oversight of technology resiliency testing activities, including scenario analysis and recovery drills.
• Participate in governance forums, providing oversight and credible challenge to resiliency risk management.
• Maintain awareness of regulatory changes, emerging risks, and industry best practices, and incorporate them into risk assessments.
• Support responses to regulatory exams, inquiries, and internal audits.
• Build and maintain strong relationships with stakeholders across business, control, and technology teams.
• Facilitate cross-functional collaboration and drive alignment on resiliency objectives.
• Support monitoring and testing activities, including independent control testing and validation.

Required Qualifications, Capabilities, and Skills:

• Bachelor's degree in Information Security, Computer Science, or a related field.
• Minimum 8 years of experience in technology risk, cyber resilience, third-party technology risk management, or business continuity planning within financial services or a regulated industry, with APAC exposure.
• Strong knowledge of technology risk management frameworks, regulatory requirements, and industry standards (e.g., Basel, NIST, ISO 22301), including APAC-specific regulations.
• Experience in control design, control testing, risk assessment, and issue management for technology and business resiliency.
• Proven ability to analyze complex technology and resiliency issues, identify root causes, and develop effective mitigation strategies.
• Experience integrating resiliency controls into SDLC, enterprise architecture, and technology change management processes.
• Excellent verbal and written communication skills, with the ability to influence and engage stakeholders at all levels.
• Demonstrated ability to work effectively in cross-functional teams and drive initiatives to completion in a complex, matrixed organization.
• Self-starter with the ability to work independently, frame complex problems clearly, and identify creative solutions.
• Strong problem-solving skills and a commitment to continuous learning.

Preferred Qualifications, Capabilities, and Skills:

• Professional certifications such as CISM, CRISC, CISSP, CBCP, or equivalent.
• Proficiency in data analysis, automation tools, and dashboard/reporting solutions.
• Experience working in a global financial services organization.
• Familiarity with regulatory requirements and best practices for resiliency in APAC.
• Experience leading resiliency testing activities, such as scenario analysis and tabletop exercises.
• Ability to adapt communication and engagement strategies for diverse stakeholders.
• Experience supporting regulatory exams and internal audits.