Risk Manager

Job Summary

A Risk Manager is responsible for determining the types of risks that could affect a company’s strategic, operation, cybersecurity & technology, legal & compliance, and reputation, as well as advise company on potential risks within their operations, information systems and technological needs to safeguard business goals and strategies. This role will work on a group-wide of Risk management including Compliance and Internal Audit.

This role requires an experienced and a highly developed skill set in risk management. The individual will be able to proactively negotiate and influence at senior levels within the organization, linking closely to executive functions, senior management and staff in the provision of the risk-aware culture program.

Job Responsibilities

• Develop and implement the company's overall risk management framework, including policies, standards in compliance with SCBX group requirements, applicable laws and regulations
• Design, plan and implement an overall risk management process, including risk materiality assessment, product risk assessment, third-party risk assessment, risk and control self-assessment (RCSA)
• Oversee the identification, assessment, and monitoring of risks across all company activities, including cybersecurity & technology, operational, compliance & legal, reputation, and strategic risks
• Establish and maintain the company's risk appetite and ensure that risk limits are set and monitored effectively
• Lead in organizing risk committees in overseeing the risk management process, advice on key risk issues to ensure key risks are appropriately assessed, monitored, controlled and reported
• Ensure that the company's risk management framework is aligned with the company's strategic objectives and risk culture
• Advise, educate, and consult company’s board members, senior management, and other officials about risk management
• Create guidelines to evaluate risk of new products and develop procedures to manage risk
• Lead the development and implementation of risk mitigation plans and controls to minimize the company's exposure to risks
• Regularly report to the company's senior management and board of directors on the company's risk profile and risk management practices
• Collaborate with first line of defense to ensure that risk management practices are integrated into all company activities
• Manage and lead a team of risk management professionals, providing guidance, coaching, and development opportunities
• Provide training to staff in order to build risk culture awareness within the company, and educate the board of directors for the most significant risks to the business and ensuring business heads understand the risks that might impact to their departments

Background/ Experiences

• At least 8-10 years’ work experience with relevant in Enterprise Risk Management, Operational risk and Technology risk experiences preferred

• Experiences or strong passion in FinTech company or banking industry

• Strong knowledge of IT Third-party risk management

• Sound understanding of applicable laws, regulations, and industry best practices

• Practical knowledge of Cyber & Technology risks, technical skills and practices

• Ability to lead direct reports and virtual teams

• Professional certifications such as CRISC, CISSP, CISM, CEH, or ISMS are desirable

Knowledge & Skills

• Strong knowledge of risk management frameworks includes ISO31000, ISO27001, NIST, FFIEC, methodologies, and tools
• Strong knowledge and technical skills in Risk Management, IT and Cybersecurity
• Ability to apply regulatory requirements to ensure internal/external compliance
• Ability to apply technical expertise, experience, and judgment to plan and accomplish goals
• Excellent analytical and problem-solving skills
• Excellent organizational skills, coupled with ability to be versatile and flexible
• Teamwork – form and maintain effective and collaborative team
• Excellent communication and interpersonal skills with the ability to interact with all levels of the
• Microsoft Power BI, Power Automate skills will be advanced

organization