At AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone.

As pioneering innovators for over 100 years, we’re now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.

To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.

If you believe in developing a better tomorrow, read on. 

About the Role

The role will be responsible for the development and maintenance of risk management frameworks and systems including the development and implementation of risk and control mitigation and remediation activities which includes the ongoing updating and enhancement of risk management procedures. Develop, implement and maintain risk and control assessment and assurance programs in support of the various functions at OSS, while providing ongoing assurance of the overall effectiveness and compliance to stakeholders’ expectations.

Develop, implement, and manage company's business continuity program in line with Group standards and local regulations in the region. The person will support all activities necessary to AIA to prepare for and respond to any business interruption.

Risk Management

Develops and maintains the corporate wide operational risk management program that addresses all aspects of operational and non-financial risk and compliance.Work with senior members of the OSS leadership teams to ensure that risk remediation plans are implemented and tracked accordingly.Manage and support annual operational risk activities including risk and control assessments, third party risk assessments, risk management and control certification, control environment assurance, internal control environment assessment, internal audit reviews.Support the OSS functions in the various risk assessment activities to identify and assess risks and work with the risk champions and OSS functions to develop and implement risk mitigation plans to manage risks at acceptable levels and to monitor the effectiveness of those plans.Identify opportunities for strategic improvement or mitigation of operational risks caused by changes of business partner operational needs, regulatory changes or industry-specific change initiatives.Plan and coordinate all operational risk control testing and assurance activities. Coordinate and facilitate regular, complete, and meaningful operational risk assurance activities with risk champions and document and communicate results and insights to relevant OSS functions and stakeholders.Work closely with OSS and Group technology and security functions to maintain an ongoing view of the state of technology risk across OSS functions while providing support in the continuing assessment and monitoring of the various technology needs across OSS to ensure technology risks are managed appropriately.Liaise with Risk Champions to develop effective working relationshipsLead and manage Company’s operational risk assessments for Third Parties.Perform threat and risk assessment pertaining to operational changes to identify points of vulnerability, single points of failure and identify risk avoidance and mitigation strategies.Provide regular status updates until closure to Group / OSS leadership and key stakeholders regarding material operational risk incidences and events.Develop and deliver appropriate operational risk education and awareness programmeDevelop regular operational risk program status reports to Group and OSS managementAnalyze and report on implications of regulatory requirements and industry guidance on operational risk programs.Support OSS functions during internal audit and independent review.Ability to create and maintain internal control matrices and Key Risk Indicators to demonstrate compliance with various frameworks and requirements

Business Continuity Management

Maintain the corporate wide business continuity program that addresses disaster recovery, business recovery and emergency response management.Work with senior members of the Technology, Operations and Risk leadership teams to ensure that remediation plans are implemented and tracked accordingly.Manage and support annual business recovery exercises, which may include Dedicated Recovery Sites (DRS), Remote Access, Alternate Office, and Work Transfer, depending on function and locationHelp the business functions to conduct periodic Business Impact Analysis, identify recovery requirements and work with the business continuity coordinators to develop and implement recovery plans in the event of a business disruption.Identify opportunities for strategic improvement or mitigation of business interruption and other risks caused by business, regulatory, or industry-specific change initiatives.Plan and coordinate all business continuity testing and exercises.   Coordinate and facilitate regular, complete, and meaningful BCM tests and post-exercise reports.Work closely with IT, Operations, and other business units to develop/maintain DR plans for critical systems and applications and to ensure that internal recovery sites are updated and functioning properly. This includes reviewing business impact analysis reports and conducting challenge sessions to ensure appropriate tiering and RTO/MTPD levels are assigned.Liaise with Business Continuity Coordinators to develop effective working relationshipsLead and manage Company’s BCM readiness assessment for Third Parties.Perform threat and risk assessment pertaining to Business Continuity to identify points of vulnerability, single points of failure and identify risk avoidance and mitigation strategies.Assist in crisis management as BCM SME in the event of a business interruption.Provide regular status updates until closure to Group / BU key stakeholders during the major incidents.Develop and deliver appropriate BCM education and awareness programmeDevelop regular BCM program status reports to Group and local managementAnalyze and report on implications of regulatory requirements and industry guidance on BCP/DR programs

Job Requirements :

10+ years of Risk Management experience in insurance business preferred and, in lieu of insurance, financial services and 10+ years of Business Continuity Management experience in financial services.Bachelor’s degree in Science or related field or equivalent experience.Globally recognised Risk certification/risk professional certficationsFamiliarity and understanding in any ISO risk management (ISO 31000), business continuity or audit frameworks (preferable ISO 27001, 22301, 9001) .Globally recognized BCM certification (CBCI/CBCP)Good understanding or organizational resilience including IT Disaster Recovery and Technology Resilience.Experience in actively developing and supporting business continuity programs is an advantageLeadership skills (ability to take charge, confidence to interact with all levels, set objectives, drive results, and a team player)Self-starter with the ability to work with a great degree of autonomy.Excellent verbal and written communication skills to effectively present risk findings and recommendations to risk owners and stakeholders.Project management skillsProficiency in MS office products (PowerPoint, excel, etc.)

Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.

You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.