Job Description:
Enterprise Risk Management:
- Support in promoting and implementing the Company’s Enterprise Risk Management (ERM) Framework including: Risk Appetite framework, Capital Management plan, Stress testing, Sensitivity Analysis, KRI/KCI assessment, Own Risk and Solvency Assessment (ORSA) process;
- Support in preparing and maintaining Company’s Risk Register, Key Business Risk profile, Risk Map;
- Support in providing advices to Risk Owners on risk treatments with follow-up risk mitigating actions;
- Support in promoting Risk Culture via: training, coaching, knowledge sharing to other divisions and risk owners;
- Provide Company’s Risk reports to Senior Management Team, Member of Council and Regional Holding Company with timely and accurate information for business decision-making.
- Monitor and escalate emerging risks and urgent issues leading to Company’s potential risk exposure.
- Secretary for ERM Committee meeting
Information Security (IS):
- Support to develop and maintain Information Security Control Framework, including the annual Information Security key activities and/or initiatives;
- Facilitate the liaison among related divisions/branches to remediate information security deficiencies and mitigating information risks at all areas of operation;
- Promote information security awareness and practice via trainings and campaigns;
- Secretary for IS Committee meeting
Business Continuity Management:
- Support in developing and maintaining Business Continuity Management Framework;
- Support in developing and implementing annual Business Continuity Planning (BCP) key activities, including business impact analysis, scenarios response plan and drill testing;
- Liaise with Incident Response Team (IRT) and Functional Response Team (FRT) in case of emergencies or incidents to ensure the continuity of business and operation
- Secretary for BCP Committee meeting
Cyber Security:
- Support to develop the Cybersecurity Strategy and Roadmap for the Company; Roadmap/Action Plans and Initiatives for Cybersecurity of the Company
- Co-operate with relevant departments to derive & maintain a holistic cybersecurity incident response plan;
- Conduct training and enhance awareness on Cybersecurity to all staff
Job Requirement:
Qualifications:
- Academic or professional background on risk management and/or insurance business
- FRM or globally recognized risk qualification is a plus
- English fluency: especially speaking and presentation
Skills/Knowledge:
- Innovative mindset.
- Coding skill and/or Techsavvy is highly welcomed
- Knowledge and experience in risk management; internal control, corporate governance…
- Excellent in interpersonal, presentation and communication skills
- Well understanding in Insurance industry is a plus;
Experience:
- At least 02 years experience in risk management.
- Experience in compliance, internal control, insurance, professional advisory, information security, cyber security) is a plus
Competencies:
- Applying Technical knowledge
- Being Ethical and Compliant
- Collaborative Relationships
- Communicating with impact
- Customer Focus
- Developing Self, Direct reports and Others
- Driving Results
- Managing Execution
- Problem Solving