Job Purpose
- Responsible for all operational activities in the Enterprise Risk Management function.
Key Result Areas
Implementing an overall risk management process for the organization that includes conducting and assisting in the identification, assessment, monitoring and mitigation of risks
Clear understanding of basic risk concepts, like KRI, RCSA, Risk Appetite, TPRM, BCPR
Identify, evaluate, and document control weaknesses and deficiencies; and develop recommendations for risk mitigation and improvement.
Preparation and maintenance of Risk Registers
Perform sample-based control testing as part of the RCSA exercise
Identify control gaps and deficiencies and develop recommendations for risk mitigation and improvement of business processes
Analyze and report risk profile and control performance, and benchmark processes against regulatory requirements, Company standards and industry best practices to develop and improve the Company risk management framework. Liaise with senior management to identify risks in their business areas, and agree the controls required to mitigate each risk. Enter those risks and controls on the risk register and ensure that the entries are consistent
Updating Enterprise Risk Policy accommodating changing regulatory / strategic scenarios to ensure that the policy reflects best practice
Assisting the Principal Risk Owners with the identification of key risks and mitigating controls in their business units, as well as action plans to address any gaps in the mitigating measures identified
Support the risk management team by helping develop, manage and distribute required reports, maintain internal and external Risk dashboards that help with risk identification and monitoring
Support in preparation & analysis of various reports for the Risk Committee, Executive Management Team and Board Committees
Responsible for the timely follow-up, documentation and status of action plans, open issues (arising out of RCSA/KRI monitoring/Operational risk events etc.) and other initiatives pending their completion.
DPDP Compliance & Data Privacy Risk Management:
Ensure compliance with DPDP Act by conducting privacy risk assessments, implementing data protection controls, and monitoring adherence across processes
Manage data breach response, vendor risk reviews, and drive organization-wide awareness on data privacy and regulatory requirements
Preferred Profile:
Educational Qualification
- Graduate in finance / management / risk management or equivalent from a reputed institute. FRM, CFA, CBCP, data privacy and similar certifications will be preferred
Experience
- Experience in BFSI/Risk Consultancy, Compliance & Policy, Operational Risk/ERM/Big 4 with risk audit experience in a similar role
- Data privacy with exposure to regulatory frameworks and data protection practices
Skills Required
- Knowledge and understanding of Exchange ecosystem and operations
Functional Competencies required
- Principles of risk management (ERM / ORM / TPRM / BCP)
- Demonstrate strong knowledge of risk identification, assessment and management frameworks
- Strong knowledge of control frameworks and the ability to design and evaluate effectiveness of controls embedded within business processes
- Knowledge of risk and governance standards such as COSO / ISO 31000 or a globally accepted framework, and Basel Corporate Governance Principles
- Strong understanding of DPDP Act, data privacy frameworks, risk assessment methodologies, and compliance monitoring