Vice President, Risk & Control

Company Profile MIZUHO BANK, LTD. IS A SUBSIDIARY OF THE JAPAN-BASED MIZUHO FINANCIAL GROUP, INC. (LISTED ON THE TOKYO STOCK EXCHANGE AND NYSE) AND IS ONE OF THE LARGEST FINANCIAL SERVICES COMPANIES IN THE WORLD. MIZUHO BANK, LTD. PROVIDES FINANCIAL AND STRATEGIC SOLUTIONS FOR THE INCREASINGLY DIVERSE AND SOPHISTICATED NEEDS OF ITS CLIENTS WITH OFFICES LOCATED IN ALL THE MAJOR CITIES OF THE WORLD SUCH AS TOKYO, NEW YORK, LONDON, HONG KONG AND SINGAPORE. Job Responsibilities The APAC Risk and Control function is responsible for managing the design and execution of technology and information security risk management across the APAC regional entity, branches and subsidiaries to ensure that the Bank is in full compliance with the relevant Technology and Cyber policies, standards and regulatory requirements, and maintain the desired risk profiles. Reporting to the Section Head, Risk and Control, APAC,

• This role will support the functional strategy within the APAC Risk and Control team in governing adoption and consistent execution of the Technology Risk management frameworks, and managing / maintaining regional Technology and Information Security risk portfolio for Mizuho.
• Provide 'hands-on' support to enable Regional CIO and Regional CISO to manage their risk profiles and apply consistent risk management across APAC.
• Work with the Regional CIO / CISO, Country teams and Japan HO to ensure processes and controls are maintained and reported.
• Ensure transparency and appropriate escalation of material risks through relevant governance processes in line with the applicable risk management frameworks.

• Bachelor's Degree in Computer Science, Software Engineering, Business Management, Accounting or related field
• Minimum 10 years' experience in the financial banking industries focused on technology operational risk (IT Service Management areas) and/or technology / information security risk related control or audit functions
• Regarded as a SME in the field and familiar with regulatory drivers and compliance
• Deep technical knowledge and understanding of technology operating within financial institutions with exposure to technology or information security related controls
• Experience in DevSecOps and Public Cloud Technology stacks / security models (AWS, Azure or Google Cloud) are desirable
• Experience in designing / defining controls and control monitors (KCI/KRI) and executing control testing preferred
• Relevant professional certifications (e.g. PMP, ITIL, COBIT, CISSP, CRISC, CISA, CISM, CGEIT and CDPSE)
• Solid understanding of various Asia regulatory requirements (e.g. HKMA SPMs and MAS TRMG) and industry standards (e.g. COBIT and NIST)