Assistant Manager, Risk Management (IT Risk)

PURPOSE:• Provide independent risk advice, and collaborate to build an effective 1st line risk management function for the business.KEY ACCOUNTABILITIES:• Collaborate with the 1st Line of Defence to implement an effective ERM Policy, Risk Appetite Framework, risk management policies and procedures to manage different types of risks and establish strong relationship with local stakeholders and Group Office (GO).• Assist monitoring on IT and Non-IT risk exposures against Risk Appetite and Risk Tolerances.• Promote a resilient and proactive risk culture across the organisation; assist in measuring the Risk & Compliance (RC) KPI, provide quarterly self-assessment to Management / Risk & Compliance Committee (RCC), and GO. • Assist the Head of Risk Management in establishing and implementing an internal control system to align with Group standards, local regulations and the Corporate Governance Framework; (ii) lead defining and executing annual KCSA plan; (iii) conduct annual Risk and Internal Control Certification to GO.• Provide a holistic independent view on risk issues, review and challenge risk assessments and the mitigation strategies proposed by the First Line of Defence; maintain and update Company Risk Profile with timely communication and escalation to relevant Governance functions; coordinate with business users in regular risk assessment process to identify new risks, controls, and actions to reduce or mitigate identified risks.• Assist the Head of Risk Management with respect to new legislations, to conduct gap analysis and define actions to ensure the Company’s risk management and internal control system, and other financial risk management aspects comply with Law. • Ensure issues and incidents are effectively managed and addressed, including timely escalation, communication, promoting awareness, working with 1st line for preventing recurrence, and proper closure and all deliverables in the risk management plan are timely delivered with good quality.• Preparation of risk reporting to the RCC and other relevant committees, and escalate any significant risks/issues identified and their related update to the Board.• Continuously self-develop to obtain sound knowledge all aspects of risk management function; especially ERM and financial risk areas.• Assist the Head of Risk Management with other tasks as required.