Deputy Head of Risk and Audit, IT

Position Description

Responsible for the governance, risk management, and audit coordination frameworks across the global IT function. This role ensures effective identification, assessment, monitoring, and remediation of technology risks, while maintaining strong alignment with internal audit, regulatory expectations, and enterprise risk management standards.

Key Areas of Responsibilities

1. Act as the IT central point of contact for Internal Audit, External Audit, and Regulators
2. Coordinate audit planning, fieldwork, and responses across IT teams (tracking, validation, closure)
3. Ensure quality and consistency of audit responses, minimizing rework and findings
4. Operate as the IT faceoff to auditors, regulators, business and IT teams
5. Facilitate regulatory inspections and thematic reviews
6. Track and report remediation progress to senior governance forums
7. Drive timely and sustainable remediation of audit findings and risk issues
8. Prepare and present risk and audit updates to senior management and stakeholders
9. Act as a trusted advisor to CIO, IT leadership, and business stakeholders
10. Conduct periodic control effectiveness reviews and self-assessments e.g. C-SOX

Requirements

1. Bachelor’s degree in information technology, Business, or related discipline.
2. Min. 15 years’ experience with 10+ years of experience in IT risk, audit within financial services
3. Strong experience managing regulatory audits and remediation programs
4. Proven track record in building or leading IT governance and control frameworks
5. Strong understanding of Regulatory expectations in financial services
6. Familiarity with audit methodologies and issue tracking tools
7. Strong stakeholder management across IT, Risk, Compliance, and Audit
8. Excellent communication and presentation skills with governance-focused mindset
9. Proficiency in Mandarin and English (written and spoken) is mandatory