
Regional IT Risk and Compliance (AVP/VP LOD 2) - Prominent Investment Bank

IT Security & Risk

23 May 2024

Hong Kong

Our client, a prominent investment bank, is seeking a highly skilled and experienced regional tech risk VP. You will be responsible for overseeing risk and control activities within the regional Information Technology Division, ensuring compliance with regulations, policies, and industry standards. This role is a LOD 2 function.



  • Conduct and manage tech risk assessments, audits, and regular monitoring to proactively identify and mitigate risks.

  • Lead and plan regular independent control assessments to evaluate compliance with applicable regulations, policies, IT standards, and industry best practices.

  • Test and evaluate evidence, identify control deficiencies, and proactively propose improvement opportunities to enhance the control environment.

  • Monitor and verify the implementation of remediation plans and controls by ITD functions, ensuring the closure of identified risks and issues.

  • Prepare comprehensive review reports that effectively communicate issues, root causes, and actionable recommendations to IT management.

  • Conduct training sessions to promote IT risk and control awareness and track compliance with established IT policies and standards.

  • Facilitate discussions with IT teams to gather control design requirements and guide the resolution of identified control issues.

  • Drive the establishment, enhancement, and maintenance of data analytics capabilities to strengthen control review processes.

  • Evaluate the functionality of existing and new technology platforms, ensuring alignment with policies and IT standards.

  • Collaborate on internal and external technology audits, actively participating in deep dives and testing exercises.

  • Collaborate closely with IT teams to define practical remediation measures and document review results accurately.

  • Maintain a continuous learning mindset, staying updated on IT risk and control concepts and industry trends.



  • Bachelor's degree (or equivalent) in information technology or a related field.

  • A minimum of 8 years of relevant working experience, preferably in a multinational financial institution or consultancy firm.

  • Strong understanding of internal control concepts and the ability to assess and evaluate controls holistically, considering business and technology risks.

  • Proven experience in conducting infrastructure, application, or business process reviews.

  • Professional certifications such as CGEIT, CRISC, CISA, CISM, and/or CISSP are highly desirable.

  • Knowledge of NIST Cybersecurity Framework, ITIL, CMMI, and COBIT will be a plus.

  • Strong verbal and written communication skills in English, enabling effective participation in discussions, presentations, and report writing.

  • Familiarity with distributed technologies, operating systems, and database platforms, along with a solid understanding of related controls.

  • Ability to manage multiple tasks concurrently, prioritize effectively, and work independently with minimal supervision.


If this outstanding opportunity sounds like your next career move, please submit through "Apply Now" or send your resume in Word format to Wiki Wong at and put Regional IT Risk and Compliance (AVP/VP LOD 2) - Prominent Investment Bank in the subject header.

Data provided is for recruitment purposes only.
