Job Description
Job Title
Director – Technology Risk
Role Purpose
The Director – Technology Risk is accountable for end-to-end oversight of technology risk management , ensuring the organisation’s technology environment is secure, resilient, compliant, and regulator-ready. The role partners closely with Technology, Cyber Security, Data, and Business leaders to identify, assess, mitigate, and govern technology risks across applications, infrastructure, cloud, data, and third-party ecosystems.
Key Responsibilities
Technology Risk Strategy & Governance
Define and execute the Technology Risk Management framework aligned to enterprise risk appetite and regulatory expectations.
Establish and oversee governance forums covering technology risk, cyber risk, resilience, and third-party risk.
Act as a senior risk advisor to CIO, CISO, and business leadership.
Risk Identification, Assessment & Monitoring
Own technology risk assessments across applications, infrastructure, cloud, data platforms, and emerging technologies.
Oversee control design, effectiveness testing, and issue remediation across technology domains.
Monitor key technology risk indicators (KRIs) and escalate material risks in a timely manner.
Cyber, Resilience & Operational Risk
Partner with Cyber Security teams on cyber risk oversight , vulnerability management, and incident response governance.
Provide independent risk challenge on IT resilience, disaster recovery, business continuity, and operational resilience.
Support major incident management, post-incident reviews, and regulatory reporting.
Third-Party & Cloud Risk
Oversee third-party technology risk , including vendor due diligence, ongoing monitoring, and exit planning.
Provide risk oversight for cloud adoption , Saa S platforms, and strategic technology partnerships.
Transformation & Change Risk
Embed technology risk governance into change, transformation, and digital programs.
Provide risk challenge and assurance for core banking modernization, cloud migrations, and data programs.
Enable risk-informed decision-making without impeding speed or innovation.
People & Capability Leadership
Lead and develop high-performing technology risk teams across locations.
Build strong succession pipelines and specialist capabilities (cyber, cloud, data, resilience).
Promote a strong risk culture across Technology and Delivery teams.
Key Stakeholders
CIO, CTO, CISO & Technology Leadership
Enterprise Risk, Operational Risk, and Compliance
Internal Audit & External Auditors
Regulators and Supervisory Bodies
GCC & Global Risk Leadership
Experience & Qualifications
Mandatory
18+ years of experience in Technology Risk, IT Risk, Cyber Risk, or Operational Risk within banking or financial services.
Strong understanding of technology controls, cyber security, cloud risk, data risk, and IT resilience.
Proven experience engaging with regulators, auditors, and senior executives.
Experience operating in complex, global, matrixed organisations.
Preferred
Experience supporting or leading GCC / shared services technology risk functions.
Exposure to large-scale technology transformation programs.
Relevant certifications (one or more): CISA, CRISC, CISSP, CISM.
MBA or equivalent postgraduate qualification.
Director – Technology Risk
Role Purpose
The Director – Technology Risk is accountable for end-to-end oversight of technology risk management , ensuring the organisation’s technology environment is secure, resilient, compliant, and regulator-ready. The role partners closely with Technology, Cyber Security, Data, and Business leaders to identify, assess, mitigate, and govern technology risks across applications, infrastructure, cloud, data, and third-party ecosystems.
Key Responsibilities
Technology Risk Strategy & Governance
Define and execute the Technology Risk Management framework aligned to enterprise risk appetite and regulatory expectations.
Establish and oversee governance forums covering technology risk, cyber risk, resilience, and third-party risk.
Act as a senior risk advisor to CIO, CISO, and business leadership.
Risk Identification, Assessment & Monitoring
Own technology risk assessments across applications, infrastructure, cloud, data platforms, and emerging technologies.
Oversee control design, effectiveness testing, and issue remediation across technology domains.
Monitor key technology risk indicators (KRIs) and escalate material risks in a timely manner.
Cyber, Resilience & Operational Risk
Partner with Cyber Security teams on cyber risk oversight , vulnerability management, and incident response governance.
Provide independent risk challenge on IT resilience, disaster recovery, business continuity, and operational resilience.
Support major incident management, post-incident reviews, and regulatory reporting.
Third-Party & Cloud Risk
Oversee third-party technology risk , including vendor due diligence, ongoing monitoring, and exit planning.
Provide risk oversight for cloud adoption , Saa S platforms, and strategic technology partnerships.
Transformation & Change Risk
Embed technology risk governance into change, transformation, and digital programs.
Provide risk challenge and assurance for core banking modernization, cloud migrations, and data programs.
Enable risk-informed decision-making without impeding speed or innovation.
People & Capability Leadership
Lead and develop high-performing technology risk teams across locations.
Build strong succession pipelines and specialist capabilities (cyber, cloud, data, resilience).
Promote a strong risk culture across Technology and Delivery teams.
Key Stakeholders
CIO, CTO, CISO & Technology Leadership
Enterprise Risk, Operational Risk, and Compliance
Internal Audit & External Auditors
Regulators and Supervisory Bodies
GCC & Global Risk Leadership
Experience & Qualifications
Mandatory
18+ years of experience in Technology Risk, IT Risk, Cyber Risk, or Operational Risk within banking or financial services.
Strong understanding of technology controls, cyber security, cloud risk, data risk, and IT resilience.
Proven experience engaging with regulators, auditors, and senior executives.
Experience operating in complex, global, matrixed organisations.
Preferred
Experience supporting or leading GCC / shared services technology risk functions.
Exposure to large-scale technology transformation programs.
Relevant certifications (one or more): CISA, CRISC, CISSP, CISM.
MBA or equivalent postgraduate qualification.
Apply for this Position
Ready to join ? Click the button below to submit your application.
Submit Application