Manulife Vietnam

Tóm tắt công việc

The Head of IT Controls & Governance is responsible for establishing and leading the enterprise-wide IT governance, risk, and control framework. This role ensures that all IT activities are aligned with business strategy, operate within defined risk appetite, and comply with regulatory and internal policy requirements. The role partners closely with senior stakeholders to strengthen control effectiveness

• Have enterprise IT governance framework (e.g., COBIT, ITIL, ISO standards)
• Ensure alignment of IT initiatives and investments with business strategy and priorities
• Establish governance structures, decision-making forums, and accountability models

2. IT Controls & Risk Management

• Design, implement, and oversee IT control environment across applications, infrastructure, and data
• Lead identification, assessment, and mitigation of IT risks (cyber, operational, regulatory)
• Maintain IT risk register and ensure timely remediation of control deficiencies

3. Compliance & Regulatory Management

• Ensure compliance with applicable regulatory requirements and internal policies
• Lead IT audits (internal/external/regulatory) and manage audit findings to closure
• Act as key liaison with regulators, risk, and internal audit functions

4. Policies, Standards & Frameworks

• Develop, implement, and enforce IT policies, standards, and procedures
• Ensure consistent adoption of governance and control frameworks across IT organization
• Drive continuous improvement of control effectiveness and governance maturity

5. Monitoring, Reporting & Insights

• Define and track governance and control KPIs (e.g., audit findings, compliance rates, incident trends)
• Provide regular reporting and insights to senior management and board-level committees
• Ensure transparency and timely escalation of key risks and issues

6. Stakeholder Management & Leadership

• Partner with CIO, Risk, Compliance, Legal, and business leaders on governance and control matters
• Provide advisory to leadership on IT risk, control, and regulatory implications
• Build strong governance culture across IT and business stakeholders
• Lead and develop a high-performing governance and controls team

• Attractive compensation package
• Global exposer opportunity
• Inclusive & growth-oriented working environment

Education & Certifications

• Bachelor’s degree in Information Technology, Computer Science, or related field
• Master’s degree (MBA, MIS, or equivalent) preferred
• Relevant certifications: CISA, CISM, CRISC, CGEIT, CISSP, COBIT, ITIL

Experience

• 12–15+ years of experience in IT governance, IT risk, IT audit, or technology control functions
• At least 5+ years in leadership role managing enterprise-level governance or risk programs
• Strong experience in regulated industries (e.g., insurance, banking, financial services) preferred
• Proven track record managing regulatory audits and driving remediation programs
• Deep understanding of IT governance frameworks (COBIT, ITIL, ISO 27001)
• Strong knowledge of IT control domains (access management, change management, data security)
• Experience with enterprise risk management and compliance frameworks
• Familiarity with cybersecurity, cloud, and digital transformation risks