Deputy Manager - Risk Management

Mô tả Công việc
I. Risk Management
1. Lead, develop and maintain Enterprise Risk Management Framework: Risk Appetite Framework (RAF), Capital Management Plan (CMP), Stress Testing, Sensitivity Analysis, Key Risk Indicator/Key Control Indicator (KRI/KCI) assessment, Own Risk and Solvency Assessment (ORSA) process;
2. Manage the annual preparation of Risk Calculation Modelling following Head Office's scheme;
3. Monitor and escalate emerging risks and urgent issues leading to changes in risk exposure;
4. Promote and embed risk culture and conduct Risk Management trainings to equip relevant officers and staff with skills, knowledge and support required to discharge their responsibilities effectively;
5. Identify training needs for Risk Management and oversee development of enterprise risk competence and awareness across the Company;
6. Liaise with Division Leaders in ensuring completion of quality departmental Risk Registers: prepare and maintain Company's Risk Register, Key Business Risk Profile, Risk Map;
7. Evaluate the adequacy of the Company's Internal Control framework in addressing risks and accomplishing the Company's goals and objectives;
8. Work with Internal Audit, Enterprise Risk Management Committee and Compliance Committee in ensuring the identification and prioritization of risks and reporting of the same;
9. Monitor implementation of action plans to ensure risk mitigation efforts are proceeding as required;
10. Monitor and report on compliance with regulatory requirements in Risk Management;
11. Any other duties assigned by Division Leader/Management.
II. Information Security (IS)
1. Develop and maintain IS Control Framework, including the Annual IS key activities and/or initiatives;
2. Facilitate the liaison among related Divisions/Branches to remediate IS deficiencies and mitigating information risks at all areas of operation;
3. Promote IS awareness and practice via trainings and campaigns.
4. Support Data Protection Officer (DPO) for related activities to ensure compliance with Personal Data Protection regulations.
III. Business Continuity Management
1. Develop and maintain Business Continuity Management Framework;
2. Develop and implement annual Business Continuity Planning (BCP) key activities, including Business Impact Analysis (BIA), scenarios Response plan and Drill Testing;
3. Liaise with Incident Response Team (IRT) and Functional Response Team (FRT) in case of emergencies or incidents to ensure the continuity of business and operation.
IV. Cyber Security (CS)
1. Develop the CS Strategy and Roadmap for the Company;
2. Develop the Roadmap/Action Plans and Initiatives for CS of the Company;
3. Co-operate with relevant Divisions to derive & maintain a holistic CS incident response plan;
4. Conduct training and enhance awareness on CS to all staffs.