AVP Enterprise Risk

We are seeking a highly motivated and experienced AVP, Enterprise Risk to join our Risk team. This role is pivotal in strengthening our enterprise risk management posture, with a strong focus on technology governance, resilience, and compliance. You will play a key role in shaping risk frameworks, driving oversight initiatives, and supporting strategic risk reporting.

Key Responsibilities

1. Governance

- Review and enhance Enterprise Risk Frameworks, Policies, Guidelines, and Procedures.

- Propose and support the development of oversight, testing, and technology resilience roadmaps.

- Serve as secretariat for the Company Risk Steering Committee, including development of agenda, minutes, and follow-ups.

2. Risk & Compliance

- Lead the review and assessment of MAS Technology Risk Management compliance and self-attestation.

- Test and evaluate the effectiveness of technology risk controls.

- Maintain and manage the Enterprise Risk Register, Risk Deviations Register, and Outsourcing Risk Register.

- Oversee Business Continuity Management (BCM) and Incident Response (IR), with a focus on technology resilience and recovery strategies.

- Plan and conduct Tabletop exercises to test effectiveness of BCM, incidents and crisis response.

- Collaborate with Information Security to identify, propose, and monitor Technology and InfoSEC Key Risk Indicators (KRIs) and Key Control Indicators (KCIs).

- Assist - in the procurement of Internal Audit or other certification vendors (e.g., Internal Audit, SOC 2, ISO 27001) and coordinate audit activities.

3. Training

- Conduct training sessions on Business Continuity Planning and Incident Response for staff.

- Mentor and train interns on ERM and BCM principles and practices.

4. Special Projects

- Support the development and implementation of an in-house ERM Reporting and Dashboard system.

In addition to the above, the candidate may be required to perform other duties and roles as reasonably assigned from time to time to support the enterprise risk function.

Qualifications & Experience

- Bachelor's degree in a relevant field (e.g., Information Systems, Risk Management, Business).

- 57 years of experience in risk management, with a strong focus on technology risk.

- Professional certification in risk management (e.g., CPRM, CRMP) is highly preferred.

- Strong familiarity with MAS Technology Risk Management Guidelines and regulatory expectations is highly preferred.

- Strong analytical skills and a collaborative, team-oriented mindset.

- Proficiency in MS Office Suite, MS PowerPoint, Canva, and MS Power BI.