GovTech's Risk Management team provides comprehensive oversight across strategic, cybersecurity, operational, and compliance risks, ensuring technology initiatives operate within acceptable parameters while enabling innovation and digital transformation. We work closely with project teams, senior leadership, and corporate functions to embed risk-aware decision-making throughout GovTech's operations.
What to Expect from the Candidate for the Role
The successful candidate will be expected to deliver strategic risk oversight whilst maintaining hands-on involvement in critical risk management activities. You will serve as a risk advisor to leadership teams and project stakeholders, providing guidance on complex risk scenarios across multiple domains. Your role will involve developing and refining risk frameworks, conducting risk assessments, and ensuring that cybersecurity and operational risks are effectively identified, assessed, and mitigated.
You will be expected to build strong relationships with CISOs across government agencies, facilitating knowledge sharing and coordinated risk responses Additionally, the successful candidate will identify and assess emerging risks in areas such as cloud computing and artificial intelligence, ensuring GovTech stays ahead of evolving threat landscapes. The role requires ensures that risk considerations are appropriately weighted in strategic decision-making processes.
How to Succeed - Specialised and General Skillsets
Specialised Technical Expertise: You should possess deep knowledge of cybersecurity risk frameworks, operational risk management methodologies, and technology risk assessment techniques. Experience with risk management standards such as ISO 27001, NIST frameworks, and operational risk models is essential. Understanding of cloud security, data protection, and emerging technology risks will be highly valued.
Strategic and Analytical Capabilities: Strong analytical thinking and the ability to synthesise complex information into actionable insights is crucial. You should demonstrate experience in developing risk strategies, conducting scenario analysis, and presenting risk assessments to senior leadership. Proficiency in risk modelling tools and techniques, along with the ability to translate technical risks into business impact terms, is expected.
Leadership and Communication Skills: Excellent stakeholder management abilities are essential, particularly in engaging with senior leadership, CISOs, and cross-functional teams. You should be comfortable presenting to executive audiences and possess strong written communication skills for developing policies and risk reports. The ability to influence without direct authority and build consensus across diverse stakeholder groups is critical.
Experience and Qualifications: A minimum of 10-12 years of progressive experience in risk management, with significant exposure to cybersecurity and operational risk domains. Experience in technology organisations, government agencies, or regulated industries would be advantageous. Professional certifications such as CISSP and CISA preferred
