Assistant/Manager, Risk and Internal Control

ASSISTANT MANAGER / MANAGER, RISK & INTERNAL CONTROL (GROUP RISK OFFICE)

Support the implementation of Group Risk Management and Internal Controls, including Workplace Safety & Health across the Group.

Key responsibilities:

1. Enterprise Risk, Internal Controls, Insurance & Business Continuity

• Support the implementation and continuous enhancement of the Group’s Enterprise Risk Management (ERM) and Internal Control frameworks across Business Units (BUs)
• Develop, review and implement ERM policies and control guidelines, and deliver targeted training to management and process owners
• Facilitate risk and internal control discussions to identify gaps, and promote the adoption of good practices and mitigating controls across the Group to strengthen organisational resilience
• Prepare and consolidate Group risk reports, including risk dashboards, Key Risk Indicators (KRIs), and insightful analysis for Management and Board reporting
• Support the review and tracking of compliance with Minimum Acceptable Controls (Controls Self-Assessment) across BUs
• Coordinate and support the insurance renewal process, including data consolidation, exposure analysis, and coverage review to ensure adequacy and cost-effectiveness
• Conduct periodic reviews and optimisation of the Group insurance programme in collaboration with the appointed broker and internal stakeholders (e.g. Cyber, Industrial All Risks, Directors & Officers Liability)
• Analyse claims trends and provide insights to support risk mitigation and loss prevention initiatives
• Participate in internal control activities, including attending opening and closing meetings with Internal Auditors, where required
• Support the implementation and maintain continuous improvement of the Group Business Continuity Management (BCM) and Crisis Management framework, policies and processes, including coordination of BCP / CM reviews, exercises, and tracking of remediation actions
• Drive the digitalisation and continuous enhancement of data collection, analytics, including the development, optimisation, and administration of related tools, systems, and questionnaires

1. Workplace Safety & Health

• Support the implementation and periodic review of the Group Workplace Safety & Health (WSH) Policy across BUs
• Monitor, analyse and consolidate Group-wide WSH metrics (e.g. injury rates, high-consequence injuries, vehicle accident rates, SPAD, near misses) for monthly and quarterly reporting to Management and Board Committees
• Engage and coordinate with BU WSH representatives to promote sharing of good practices and enhance safety culture across the Group
• Partner with Group Internal Audit as a guest auditor during audits, thematic reviews, and follow-up of corrective actions
• Support initiatives to strengthen and embed a positive safety culture through training and engagement programmes
• Coordinate and facilitate quarterly Community of Practice forums for the Group’s safety network

Qualifications & Work Experience

• Bachelor’s Degree in Business or similar
• Experience in recognised risk management frameworks (e.g. COSO ERM, ISO31000, COBIT)
• Minimum five (5) years’ relevant experience in roles such as Enterprise Risk Management, Internal Controls, Internal Audit, and/or Workplace Safety & Health
• Exposure to Workplace Safety & Health, data protection regulations (e.g. PDPA, GDPR), Business Continuity Management, or other related risk areas will be advantageous
• Ability to work independently with minimal supervision in a dynamic environment
• Meticulous with strong attention to detail, with the ability to identify gaps and control weaknesses in business processes
• Strong interpersonal and communication skills, with a collaborative mindset
• Strong storytelling and presentation skills, with the ability to communicate complex ideas clearly; proficient in report writing and data analysis
• Strong organisational and prioritisation skills, with the ability to manage multiple tasks and meet deadlines