Functional Description
The Head of Technology Risk & Governance is responsible for establishing embedding and overseeing the technology risk management and governance framework across HSBC Taiwan. The role ensures technology risks are effectively identified assessed managed and reported in line with regulatory expectations internal policies and industry best practices while supporting secure and resilient technology operations.
- People Responsibility:Y
- Report To: CIO Taiwan
The role provides second-line oversight of technology risks to safeguard the banks information assets and technology services. It ensures regulatory compliance strong control design and effective risk governance across the technology landscape. The role also acts as a trusted advisor to Technology and Business leaders on technology risk resilience and control matters.
- Lead technology risk assessments across applications infrastructure cloud and third-party environments identifying vulnerabilities control gaps and emerging risks.
- Maintain and oversee the technology risk register including risk ratings KRIs mitigation plans and control effectiveness tracking.
- Provide independent oversight of technology projects and change initiatives ensuring security-by-design and risk-by-design principles are embedded throughout the lifecycle.
- Interpret and implement local regulatory requirements and industry standards related to technology risk cybersecurity data governance outsourcing and resilience.
- Manage regulatory inspections audits and findings ensuring clear articulation of risk posture and timely remediation of issues.
- Oversee technology incident business continuity and disaster recovery risk management including regulatory notifications and root cause reviews.
- Govern third-party technology risk ensuring appropriate due diligence contractual controls and ongoing compliance monitoring.
- Produce clear and insightful technology risk reporting for senior management risk committees and the Board highlighting trends exposures and emerging threats.
- Deep expertise in technology risk management within financial services including ITGC application controls infrastructure and cloud security.
- Strong knowledge of regulatory frameworks and standards (e.g. MAS TRM PDPA ISO 27001 NIST COBIT ITIL).
- Proven experience in regulatory engagement audits and remediation management.
- Advanced risk assessment analysis and reporting skills including use of KRIs and dashboards.
- Ability to influence and advise senior stakeholders across Technology and Business functions.
- Excellent written and verbal communication skills with the ability to translate technical risk into business impact.
- Strong leadership stakeholder management and collaboration capabilities in a matrixed environment.
- High integrity professional judgement and a proactive continuous-improvement mindset.
- License/Qualification Requirement
Required Experience:
Senior Exec
Functional DescriptionThe Head of Technology Risk & Governance is responsible for establishing embedding and overseeing the technology risk management and governance framework across HSBC Taiwan. The role ensures technology risks are effectively identified assessed managed and reported in line with ...
Functional Description
The Head of Technology Risk & Governance is responsible for establishing embedding and overseeing the technology risk management and governance framework across HSBC Taiwan. The role ensures technology risks are effectively identified assessed managed and reported in line with regulatory expectations internal policies and industry best practices while supporting secure and resilient technology operations.
- People Responsibility:Y
- Report To: CIO Taiwan
The role provides second-line oversight of technology risks to safeguard the banks information assets and technology services. It ensures regulatory compliance strong control design and effective risk governance across the technology landscape. The role also acts as a trusted advisor to Technology and Business leaders on technology risk resilience and control matters.
- Lead technology risk assessments across applications infrastructure cloud and third-party environments identifying vulnerabilities control gaps and emerging risks.
- Maintain and oversee the technology risk register including risk ratings KRIs mitigation plans and control effectiveness tracking.
- Provide independent oversight of technology projects and change initiatives ensuring security-by-design and risk-by-design principles are embedded throughout the lifecycle.
- Interpret and implement local regulatory requirements and industry standards related to technology risk cybersecurity data governance outsourcing and resilience.
- Manage regulatory inspections audits and findings ensuring clear articulation of risk posture and timely remediation of issues.
- Oversee technology incident business continuity and disaster recovery risk management including regulatory notifications and root cause reviews.
- Govern third-party technology risk ensuring appropriate due diligence contractual controls and ongoing compliance monitoring.
- Produce clear and insightful technology risk reporting for senior management risk committees and the Board highlighting trends exposures and emerging threats.
- Deep expertise in technology risk management within financial services including ITGC application controls infrastructure and cloud security.
- Strong knowledge of regulatory frameworks and standards (e.g. MAS TRM PDPA ISO 27001 NIST COBIT ITIL).
- Proven experience in regulatory engagement audits and remediation management.
- Advanced risk assessment analysis and reporting skills including use of KRIs and dashboards.
- Ability to influence and advise senior stakeholders across Technology and Business functions.
- Excellent written and verbal communication skills with the ability to translate technical risk into business impact.
- Strong leadership stakeholder management and collaboration capabilities in a matrixed environment.
- High integrity professional judgement and a proactive continuous-improvement mindset.
- License/Qualification Requirement
Required Experience:
Senior Exec
View more
View less