Head of Technology Governance (Line 1.5)
The Head of Technology & Operations Governance and Assurance is responsible for establishing and operating a robust Line 1.5 control oversight, validation, and assurance capability across Technology and Operations.
Sitting between Line 1 ownership and Line 2 oversight, the role provides independent challenge, control validation, and risk insight, while remaining close to the business to drive practical, sustainable control outcomes. The role ensures that key technology and operational risks are effectively governed, controls are well-designed and operating as intended, and issues are identified and remediated proactively.
This role partners closely with Technology, Operations, Risk, Compliance, Internal Audit, and senior management, and plays a critical role in regulatory engagement, audit readiness, and strengthening the overall control environment.
Responsibilities
Governance & Control Frameworks
Own and maintain the Technology and Operations governance and assurance framework, ensuring alignment with enterprise risk management standards and regulatory expectations.
Define and oversee control standards, minimum control requirements, and control design principles across technology and operational domains.
Drive consistency in control taxonomy, documentation, and governance across first-line functions.
Control Assurance & Validation (Line 1.5)
Provide independent validation of control design and operating effectiveness across Technology and Operations.
Oversee execution of control testing, thematic reviews, and deep dives on key risk areas (e.g. change, access, resilience, outsourcing, data, cyber, incidents).
Challenge risk assessments, control self-assessments, and management attestations to ensure accuracy and completeness.
Identify control gaps, emerging risks, and systemic weaknesses, and escalate issues appropriately.
Risk & Issue Management
Partner with first-line teams to ensure timely remediation of issues, including audit findings, regulatory observations, and control weaknesses.
Track and report on issues, actions, and risk trends to senior management and governance committees.
Provide insight into control effectiveness and residual risk to support informed decision-making.
Regulatory & Audit Engagement
Act as a key interface for Internal Audit, Risk, Compliance, and external regulators on Technology and Operations control matters.
Support regulatory examinations, supervisory reviews, and audits by providing evidence, challenge, and independent assurance.
Ensure ongoing audit and regulatory readiness across Tech and Ops functions.
Stakeholder Partnership & Influence
Work closely with Technology and Operations leadership to embed strong risk and control practices without undermining business ownership.
Provide constructive challenge while maintaining a collaborative, trusted-advisor relationship.
Contribute to senior management, risk committee, and board-level reporting on control effectiveness and key risk themes.
Leadership & Capability Building
Build and lead a high-performing team, setting clear expectations and standards.
Develop assurance methodologies, tooling, and data-driven insights to enhance coverage and efficiency.
Promote a strong risk culture and accountability across Technology and Operations.
Requirements:
15+ years of experience across Technology Risk, Operational Risk, Controls, Governance, Assurance, or Audit, preferably within financial services or regulated environments.
Strong hands-on experience covering technology and operations risk domains (e.g. IT general controls, change, access, resilience, outsourcing, data, cyber).
Proven track record engaging regulators, auditors, and senior stakeholders.
To apply:
If you’re interested to apply or find out more, please share across your CV or reach out to Chen Yi at cy@kerryconsulting.com for a discussion. Due to anticipated high volume of applications, we regret to inform that only shortlisted candidates will be notified.
Reg: R1876389
Lic: 16S8060
