As a Senior Risk Analyst, the candidate will be reporting to the Head of Governance. The candidate is expected to communicate and work with the relevant internal and external stakeholders on all matters pertaining to Risk Reporting and Risk Management.
The candidate will be expected to compile and document the Risk data, update Key Risk Indicators and other reporting requirements, and present to the Head of Governance for further reporting. The candidate is also expected to be able to assess and analyse the business impact of the Risks, and assist the Head of Governance in their daily activities.
- Carry out Risk reporting and analysis Including for Business, Corruption, Cybersecurity and other Risk categories that will be reported and presented to the Senior Management and Board of Directors for consideration.
- Liaise with Group Risk Management, vendors, project teams and any related internal and external stakeholders for all Risk related matters.
- Compile and document existing and new Key Risk Indicators, update and maintain the relevant Risk Register and Compile Cybersecurity Risk data on periodic basis as and when required.
- Take part in all Risk related meetings and discussion, including Root Cause Analysis and Postmortem review sessions.
- To assist in facilitating the standardization of Risk Management processes. Review and update the relevant Risk policies and SOPs. Develop and enhance policy and procedures to keep processes relevant and efficient. Provide relevant guidance, briefing and training where necessary in respect of Risk related matters.
- To create and maintain a working relationship with the relevant stakeholders.
- Review and standardize the Risk Reporting and Risk Management processes where required in order to provide consistency.
- Adhere with all applicable Risk Management processes and best practices.
- Ensure all IT infrastructure, applications and processes align and comply with the Group IT policy and any relevant regulatory requirements. Develop, evaluate, implement and update the Group IT Policy, relevant SOPs and other compliance documentation.
- Participate in security assessments, internal and external security audit exercise. Monitor and track any required resolution to audit findings within the agreed timeline.
- Cybersecurity Incident and Service Request cases resolution.
- Instill a culture of quality and adopt good practices in delivering support.
- Promote customer centric and service-oriented support and services.
- Support and collaborate closely on any cross functional team effort.
- To carry out any additional and ad-hoc tasks as assigned by the immediate superior.
- Bachelor’s Degree in IT or its equivalent.
- The ability to analyse, identify and understand Risk and Key Risk indicators, and translate these into easily understandable terms.
- Good understanding of business and IT processes.
- Candidates should also possess the ability to work independently under minimal supervision, with strong communication and interpersonal skills. Knowledge and experience in Risk Management practice, ESG reporting, and cybersecurity would be an added advantage.
* Only shortlisted candidates will be notified.
|Job Category||Information Technology|
|PDPA||The Personal Data Protection Act 2010 (hereinafter referred to as “the Act”), which regulates the processing of personal data in commercial transactions, applies to Tan Chong Motor Holdings Berhad (“TCMH”), Warisan TC Holdings Berhad (“WTCH”) and APM Automotive Holdings Berhad (“APM”) and their respective subsidiaries (collectively referred to as “the Group” or “our”, “us” or “we”). For the purposes of this Notice, the terms “personal data” and “processing” shall have the same meaning as prescribed in the Act. 1. The Group respects the privacy of your personal data and is committed in ensuring the confidentiality, protection, security and accuracy of your personal data made available to us. This written notice serves to inform you the purposes prescribed in paragraph 3 of this Notice that your personal data are being processed, by or on behalf of the Group in connection with your application for employment and, if applicable, your terms of employment with the Group. 2. The personal data processed by us may include name, national registration identity card number, contact number, address and photograph(s) including your sensitive personal data such as your religion, health condition and criminal record (if any), provided by you in the documents as prescribed in paragraph 4 of this Notice. 3. We are processing your personal data, including any additional information you may subsequently provide, for the following purposes (“Purposes”): (a) processing your application for employment with us; (b) assessing your application and your suitability as our employee; (c) performing your contract of service with us; (d) personnel administration; (e) training, personal development and management purposes; (f) providing you benefits as our employee including insurance cover; (g) conducting our internal activities, market surveys, trend analysis research, salary surveys and auditing; (h) conducting analytics and providing the same to governmental bodies and other agencies; (i) facilitating or enabling any checks that we conduct or by any third party or by credit reporting agency on you from time to time; (j) corporate exercise undertaken by us; (k) performing such other contracts as you may have entered with us; or such other purposes as may be related to the foregoing. 4. The personal data processed by us include all information contained in our Employment Application forms as well as other information we may obtain about you, including but not limited to from oral or written communications, documentation relating to training and development and all other employment related forms. 5. You may access and request for updating and correction of your personal data and to contact us with any enquiries or complaints in respect of your personal data as follows: Designation of the Contact Person : Group Human Resources or your HR representatives Telephone No. : 03-2788 3177 E-mail address : firstname.lastname@example.org In accordance with the PDPA, we may refuse to comply with your request for access or correction to your personal data and if we refuse to comply with such request, we will inform you of our refusal and reason for our refusal. 6. Your personal data may be disclosed to companies within the Group (including the Group and any subsidiaries, associated, related and affiliated companies of members of the Group), business partners, all governmental and/or quasi-governmental departments and/or agencies, regulatory and/or statutory bodies, such as but not limited to the Inland Revenue Board, the Employees’ Provident Fund Board, the Social Security Organisation and Bank Negara Malaysia, any healthcare professionals or hospitals, our auditors, our banks, business partners and/or service providers and any other third party that you have requested or authorized us to disclose your personal data for the above purposes or any other purposes directly related to any of the Purposes. 7. It is obligatory that you supply us with all the information described in the Employment Application Form and any other employment related forms. If you fail to supply the said information, we will be unable to consider your application. 8. Your personal data may be transferred to a place outside Malaysia. 9. You are responsible for ensuring that the personal data you provide us is accurate, complete and not misleading and that such personal data is kept up to date. 10. We may request your assistance to procure the consent of third parties whose personal data is provided by you to us and you agree to use your best endeavours to do so. 11. In the case of an application for employment with us, if your application is unsuccessful, we will keep your information for a reasonable period in accordance with legal requirements and for our own administration purposes. We or our business partners may also contact you if other job opportunities arise in the future. 12. In the event of any inconsistency between the English version and the Bahasa Malaysia version of this notice, the English version shall prevail over the Bahasa Malaysia version.|