CIMB

Head of Risk and Control - DSG SG

CIMB  •  Singapore, SG (Onsite)  •  4 days ago

Job Description

Responsibilities:

Digital Control Framework & Governance

  • Define, implement, and maintain a robust digital controls and assurance framework covering digital banking platforms, APIs, cloud technologies, automation, AI and data analytics.
  • Establish clear control standards, risk taxonomies, and assurance methodologies aligned with MAS regulatory requirements (e.g. TRM, Risk Management Guidelines) and internal policies.
  • Own and coordinate technology risk, control, and assurance activities for digital initiatives across CIMB Singapore.
  • Work closely with Risk, Compliance, Technology, and RCU teams to:
    • Identify and assess digital and technology risks (e.g. platform resilience, data privacy, cyber, outsourcing, vendor risk)
    • Define and embed appropriate preventive and detective controls into digital solutions and operating processes

Control-by-Design in Digital Delivery

  • Embed control-by-design principles into digital initiatives from early design stages rather than post-implementation fixes.
  • Ensure alignment with:
    • AML / CDD / KYC requirements
    • Sales governance and conduct controls
    • Data and privacy policies
  • Partner delivery teams to balance customer experience, speed, and risk discipline.
  • Provide advisory support for new digital initiatives such as mobile banking enhancements, digital onboarding, cloud migration, AI use cases, and partnerships with external vendors.

Risk Oversight & Assurance

  • Provide independent oversight and challenge over digital, technology, and operational risks, including system resilience, data integrity, cyber risk, access management, and third-party risks.
  • Conduct control assessments, thematic reviews, and deep dives across digital initiatives and platforms.
  • Identify control gaps, root causes, risk trends, and emerging risks associated with digitalisation and innovation.
  • Support audits, regulatory reviews, and risk assessments related to digital platforms, journeys, and operations.

Regulatory Compliance & Engagement

  • Ensure full compliance with MAS regulations and guidelines, including Technology Risk Management (TRM), Outsourcing Guidelines, Cyber Hygiene Notices, and Operational Resilience expectations.
  • Act as a key point of contact for regulators, auditors, and internal governance forums on digital controls and assurance matters.
  • Support regulatory inspections, audits, and risk assessments, including remediation tracking and closure.

Incident Management & Issue Remediation

  • Oversee assurance activities related to digital incidents, outages, data breaches, or control failures.
  • Ensure effective root cause analysis, corrective action plans, and sustainable remediation.
  • Track, report, and escalate material digital risks and issues to senior management and governance committees.

Reporting, Stakeholder Engagement and People Leadership

  • Prepare and present clear, insightful risk and assurance reporting to senior management, risk committees, and board-level forums.
  • Provide forward-looking insights into the digital risk landscape, control maturity, and areas requiring management attention.
  • Build and lead a high-performing digital controls and assurance team with strong skills in technology risk and controls.
  • Foster strong partnerships with Digital, IT, Cyber Security, Operations, Compliance, and Internal Audit.
  • Promote a strong risk and control culture across digital and technology functions.

Requirements:

Qualifications

  • Bachelor’s or Master’s Degree in any related discipline (Business/Finance/Banking) or equivalent professional qualification

Professional Qualification and/or Regulatory, Licensing Requirements

  • Relevant technology, risk, or audit qualifications

Relevant Work Experience

  • Minimum 12–15 years of experience in technology risk, digital controls, IT audit, assurance, or risk management within the banking or financial services industry
  • Proven leadership experience managing senior teams and engaging C-suite or senior management stakeholders
  • Strong understanding of digital banking architectures, cloud environments, APIs, data platforms, and emerging technologies
  • Solid knowledge of MAS regulatory expectations, particularly TRM, outsourcing, cyber resilience, and operational risk
  • Experience working in or supporting Agile / DevOps / digital transformation environments

Competencies/Skills

  • Strong risk judgement and independent challenge mindset
  • Ability to balance innovation enablement with control discipline
  • Excellent stakeholder management and influencing skills
  • Strategic thinking with strong execution capability
  • High integrity, resilience, and accountability
  • Strong verbal and written communication skills
  • Able to function effectively in a matrix and culturally diverse environment
  • Well informed of the market environment, industry practices and regulations governing the Consumer Banking business
  • Strong leadership and people management skills
  • Strong understanding of regulatory requirements and experience in ensuring compliance within the financial services sector

About CIMB

CIMB Group is a leading ASEAN universal bank, one of the largest Asian investment banks and one of the world's largest Islamic banks.

We are headquartered in Kuala Lumpur, Malaysia and offer consumer banking, commercial banking, wholesale banking, Islamic banking, and asset management products and services. As the fifth largest banking group in ASEAN, we have over 36,000 staff in 16 locations across ASEAN, Asia and beyond.

CIMB Bank and CIMB Islamic Bank are members of PIDM.

Industry
Finance & Insurance
Company Size
10,000+ employees
Headquarters
Kuala Lumpur, MY
Year Founded
Unknown
Website
cimb.com