What Jobs are available for Risk Management Specialist in Thailand?

Responsibilities

• จัดทำแผนความต่อเนื่องทางธุรกิจ (Business Continuity Plan) ครอบคลุมการระบุและประเมินความเสี่ยง การวิเคราะห์กิจกรรมสำคัญที่จะต้องกอบกู้ การจัดทำกลยุทธ์ด้านความต่อเนื่องทางธุรกิจ และดำเนินการซักซ้อมแผนความต่อเนื่องทางธุรกิจ
• พัฒนาแผนความต่อเนื่องทางธุรกิจ และปรับปรุงเอกสารที่เกี่ยวข้องกับ Business Continuity Plan
• จัดทำการระบุและประเมินความเสี่ยง (Risk and Control Self-Assessment)
• ดำเนินการร่วมกับหน่วยงานต่าง ๆ ในการ Improve งานด้านบริหารความเสี่ยง
• ให้ความรู้คนในองค์กรในเรื่องการบริหารความเสี่ยง
• รายงานเรื่องที่เกี่ยวข้องกับการบริหารความเสี่ยง
• จัดทำข้อมูลสำหรับใช้ในการรายงานความเสี่ยง (Enterprise Risk Management)
• ดำเนินงานอื่น ๆ ตามที่ได้รับมอบหมายจากผู้บังคับบัญชา

Qualifications

• วุฒิการศึกษา ระดับปริญญาตรีขึ้นไป สาขาวิชาการเงิน,ประกันภัย, บริหารความเสี่ยง หรือสาขาที่เกี่ยวข้อง
• มีประสบการณ์ด้านการบริหารความต่อเนื่องทางธุรกิจ (Business Continuity Plan) อย่างน้อย 4 ปี
• มีความรู้ในการวิเคราะห์หลักการและแนวคิดด้านการบริหารความเสี่ยง
• หากมีความรู้ทางธุรกิจประกันชีวิตจะพิจารณาเป็นพิเศษ
• มีความรู้ในการใช้เครื่องมือและวิธีการบริหารความเสี่ยง
• สามารถสื่อสารอย่างมีประสิทธิภาพ

Job Description :

As a senior risk management officer, you will be responsible for overseeing and managing the risk profile of the tech company, which is a subsidiary of a bank. You will ensure that the tech company complies with the relevant regulations and standards of the banking industry, as well as the internal policies and procedures of the parent company. You will also identify, assess, monitor, and mitigate the potential risks that may arise from the tech company's operations, products, services, and projects. You will report to the chief risk officer of the bank and collaborate with the tech company's management and stakeholders.

• Develop and implement risk management strategies, frameworks, and policies for the tech company, in alignment with the bank's risk appetite and objectives to ensure proactive and effective risk management.
• Design and develop a comprehensive risk management program that incorporates policies, procedures, and internal control standards to minimize both organizational and technological risks.
• Analyze and evaluate the tech company's risk exposure, including credit, market, operational, regulatory, reputation, cyber, and strategic risks.
• Provide risk advice and guidance to the tech company's management and staff on risk-related matters, such as new initiatives, product launches, contracts, and partnerships
• Conduct risk assessments and audits on the tech company's processes, systems, and controls, and recommend improvements and remediation actions
• Prepare and present risk reports and dashboards to the bank's risk committee and board, as well as the tech company's management and stakeholders
• Monitor and review the tech company's risk performance and compliance, and escalate any issues or incidents to the appropriate authorities
• Keep abreast of the latest trends, developments, and best practices in risk management, especially in the tech and banking sectors
• Manage and mentor a team of risk analysts and specialists, and foster a culture of risk awareness and accountability across the tech company
• Ensure the organization's compliance is with all relevant laws, regulations and guidelines and stay updated with regulatory changes
• Liaise with internal and external stakeholders, such as auditors to assess the company's processes, systems, policies, products, and operations to ensure they meet all standards and compliance framework
• Perform additional relevant responsibilities as delegated by the line manager

Qualification :

• Bachelor's degree in computer engineering, finance, business, or a related field
• At least 5 years of experience in risk management, preferably in the banking industry
• Strong understanding of risk management principles and practices
• Excellent analytical and problem-solving skills
• Strong communication and interpersonal skills
• Ability to work independently and as part of a team

Benefits :

• Hybrid Working Arrangement
• World-Class Development Program
• Performance Bonus
• Vacation Leave 15 Days + Maternity Leave
• MacBook Provided
• Housing Loan
• Life Insurance/ Health Insurance/ Dental Care
• Jetts Fitness (Corporate rate and privilege)
• Opportunity to be a part of team that drives Thailand Digital Economy (The contributor of the great impact to millions of Thai people through digital platforms e.g. PaoTang App. and Krungthai Next App)

Working Location :

The ParQ Floor 5th, 9th-10 West Wing

MRT สถานีศูนย์การประชุมแห่งชาติสิริกิติ์ (Exit 2)

ลักษณะงาน :

• ให้คำปรึกษาและ/หรือร่วมกำหนดกระบวนการ/วิธีปฏิบัติงานในส่วนที่เกี่ยวข้องกับผลิตภัณฑ์ให้เป็นไปตามหลักเกณฑ์ของหน่วยงานทางการ
• ดูแลให้มีการจัดทำนโยบายและระเบียบปฏิบัติงานให้เป็นไปตามหลักเกณฑ์ของหน่วยงานทางการ
• จัดอบรมและสื่อความให้แก่ฝ่ายงานต่างๆ ให้มีความรู้ความเข้าใจในหลักเกณฑ์ของหน่วยงานทางการ
• ติดตามและวิเคราะห์การเดินบัญชีของลูกค้าเพื่อรายงานธุรกรรมที่ต้องสงสัย
• ดูแลให้การรายงานธุรกรรม ปปง. ต่างๆ ถูกต้องครบถ้วนและภายในระยะเวลาที่กำหนด
• สอบทานการปฏิบัติงานเพื่อให้มั่นใจว่าฝ่ายงานต่างๆ ปฏิบัติงานเป็นไปตามหลักเกณฑ์ทางการ

คุณสมบัติ :

• จบการศึกษาระดับปริญญาตรีขึ้นไปด้านกฎหมาย รัฐศาสตร์ หรืออื่นๆที่เกี่ยวข้อง
• มีประสบการณ์การจัดทำรายงานธุรกรรมแก่หน่วยงานราชการ เช่น ปปง., กลต เป็นต้น
• มีประสบการณ์ด้าน Compliance ในสายงานธนาคาร, สถาบันการเงิน หรือหน่วยงานราชการจะรับพิจารณาเป็นพิเศษ
• มีทักษะในการสื่อสารที่ดี
• มีความกระตือรือร้นในการเรียนรู้

Focusing Area : Digital Payment, Credit and Consolidation, AML, Market Conduct, Derivative FX, Digital Asset

***หากมีข้อสงสัยหรือต้องการสอบถามข้อมูลเพิ่มเติม ติดต่อคุณปาราเมศ (โอ๊ต หรืออีเมล ***

หมายเหตุ: ตำแหน่งงานนี้จำเป็นต้องตรวจสอบประวัติอาชญากรรมของบุคคลก่อนพิจารณารับเข้าทำงาน เพื่อความปลอดภัยและรักษามาตรฐานขององค์กร

About Us

Do you want to be part of Thailand banking transformation? Data is the core of the new financial services era, and we are open for the opportunity to be part to drive this change at the core.

SCB DATAx is a new venture of the Siam Commercial Bank (SCB) holdings, a leading financial services and digital services holdings in Thailand and ASEAN.

As part of the transformation of SCB into a group of product and technology companies, under the SCBx brand, SCB DATAx is the technology company to centralize data and provide AI and data science services and products to the group.

With a leading-edge cloud native data & AI platform, our vision is to support the group to providing everyone in our region with the opportunity to prosper.

We work on forward-thinking challenges of centralizing, analyzing and sharing information. We collaborate with companies and experts in many different domains, embrace diversity and all that while having a good laugh and joy in work.

About Team & Role

Oversight and challenge technology related risks for DataX (a subsidiary of SCBX). Ensure DataX technology & information security (IT & IS) risk management adheres to DataX and SCBX group risk management frameworks, policies and standards.

Work closely with risk owners to identify, assess, treat/mitigate, monitor, and report all IT & IS risks. Assess the effectiveness of IT & IS controls. Develop and maintain communication and collaboration with other risk partners, such as operations, security, data governance (DG), data privacy (DP), as well as with stakeholders across the organization.

This role is part of 2LoD which reports to DataX Chief Risk Officer (CRO).

Your Responsibility

• Operate technology & information security (IT & IS) risks adhere to DataX and SCBX group risk management frameworks, policies, guidelines, processes and procedures, including exception mechanisms. The IT & IS related risks scope for DataX organization and every service which DataX provides to SCBX group companies.

• Work closely with stakeholders across the organization, 1LoD and 2LoD:

• Assist and monitor them to identify potential IT & IS risks, assess impacts, by applying technology risk management tools.

• Ensure the effectiveness of risk mitigation, tailored to the business needs and operations, which should be done in a timely manner.

• Continuous monitoring risk mitigation or any treatment strategies such as exemption or acceptance.

• Assess the effectiveness of IT & IS controls. Implement continuous monitoring of the controls.

• Ensure all technology risk activities are conducted in the GRC tool as centralized repository.

• Oversight technology incidents, analyze the root cause, challenge and monitor the action plans.
• Regular report technology risk indicators and incidents, for effectiveness of risk measurement and early warning for technology risk trends.
• Regularly review the risk register to ensure it covers every area in technology risk taxonomy. Addition to address new and evolving threats and risks.
• Work closely with project owners to perform effectiveness of IT Project Risk management. Assist stakeholders in validating risk assessments, which comprise analyzing, identifying, describing, and quantifying risks that impact all business risks.
• Work with procurement and related functions to enforce IT & IS requirements into third party evaluation process and operate to ensure the effectiveness of IT third party risk management process.
• Incorporate IT & IS risk awareness into new hire orientation, annual training, and other events.

Join the related meetings if need, such as Change Advisory Board (CAB) and/or Technology Steering Committee (TSC).

Qualifications

• Bachelor's degree or higher in Information Technology, Cybersecurity, Risk Management, or a related field.
• Relevant work experience at least 3 years of experience in technology risk management, with a minimum of 3 years in a any technology role. (For the senior specialist, at least 5 years of experience in technology risk management, with a minimum of 3 years in a any technology role.)
• Proficiency in identifying, evaluating, and mitigating technology risks.
• Knowledge of regulatory requirements such as BOT or SEC, and best practices in IT governance.
• Familiarity with risk management frameworks and tools, such as NIST, ISO 27001.
• Ability to effectively communicate risk-related information to stakeholders at all levels both Thai and English.

About Us

Do you want to be part of Thailand banking transformation? Data is the core of the new financial services era, and we are open for the opportunity to be part to drive this change at the core.

SCB DATAx is a new venture of the Siam Commercial Bank (SCB) holdings, a leading financial services and digital services holdings in Thailand and ASEAN.

As part of the transformation of SCB into a group of product and technology companies, under the SCBx brand, SCB DATAx is the technology company to centralize data and provide AI and data science services and products to the group.

With a leading-edge cloud native data & AI platform, our vision is to support the group to providing everyone in our region with the opportunity to prosper.

We work on forward-thinking challenges of centralizing, analyzing and sharing information. We collaborate with companies and experts in many different domains, embrace diversity and all that while having a good laugh and joy in work.

About Team
& Role

Oversight and challenge technology related risks for DataX (a subsidiary of SCBX). Ensure DataX technology & information security (IT & IS) risk management adheres to DataX and SCBX group risk management frameworks, policies and standards.

Work closely with risk owners to identify, assess, treat/mitigate, monitor, and report all IT & IS risks. Assess the effectiveness of IT & IS controls. Develop and maintain communication and collaboration with other risk partners, such as operations, security, data governance (DG), data privacy (DP), as well as with stakeholders across the organization.

This role is part of 2LoD which reports to DataX Chief Risk Officer (CRO).

Your Responsibility

• Operate technology & information security (IT & IS) risks adhere to DataX and SCBX group risk management frameworks, policies, guidelines, processes and procedures, including exception mechanisms. The IT & IS related risks scope for DataX organization and every service which DataX provides to SCBX group companies.
• Work closely with stakeholders across the organization, 1LoD and 2LoD:
• 1. Assist and monitor them to identify potential IT & IS risks, assess impacts, by applying technology risk management tools.
• 1. Ensure the effectiveness of risk mitigation, tailored to the business needs and operations, which should be done in a timely manner.
• 1. Continuous monitoring risk mitigation or any treatment strategies such as exemption or acceptance.
• 1. Assess the effectiveness of IT & IS controls. Implement continuous monitoring of the controls.
• 1. Ensure all technology risk activities are conducted in the GRC tool as centralized repository.
• Oversight technology incidents, analyze the root cause, challenge and monitor the action plans.
• Regular report technology risk indicators and incidents, for effectiveness of risk measurement and early warning for technology risk trends.
• Regularly review the risk register to ensure it covers every area in technology risk taxonomy. Addition to address new and evolving threats and risks.
• Work closely with project owners to perform effectiveness of IT Project Risk management. Assist stakeholders in validating risk assessments, which comprise analyzing, identifying, describing, and quantifying risks that impact all business risks.
• Work with procurement and related functions to enforce IT & IS requirements into third party evaluation process and operate to ensure the effectiveness of IT third party risk management process.
• Incorporate IT & IS risk awareness into new hire orientation, annual training, and other events.

Join the related meetings if need, such as Change Advisory Board (CAB) and/or Technology Steering Committee (TSC).

Qualifications

• Bachelor's degree or higher in Information Technology, Cybersecurity, Risk Management, or a related field.
• Relevant work experience at least 3 years of experience in technology risk management, with a minimum of 3 years in a any technology role. (For the senior specialist, at least 5 years of experience in technology risk management, with a minimum of 3 years in a any technology role.)
• Proficiency in identifying, evaluating, and mitigating technology risks.
• Knowledge of regulatory requirements such as BOT or SEC, and best practices in IT governance.
• Familiarity with risk management frameworks and tools, such as NIST, ISO 27001.
• Ability to effectively communicate risk-related information to stakeholders at all levels both Thai and English.

Job Description:

• Support Senior Management for Retail Banking by assessing non-financial risks, including operational, fraud, compliance, business continuity risk, and designing and testing control structures.
• Proactively support product, process and application owners in assessing non-financial risks and designing controls.
• Organise Risk & Control Self-Assessment workshops.
• Develop product control framework, including process mapping, key risk identification.
• Test the design and effectiveness of control and report on the results of testing to senior management.
• Analyze risk indicators and formulate solutions to address risks.
• Support changes and modification to the overall Control Framework and its related activities for further enhancement and efficiency.
• Review operational manuals and new product launched and provide input from risk perspective.
• Prepare, review risk reports and ensure execution of the action plans and timeline.
• Organise relevant meetings with senior management.
• Perform other functions as may be assigned by the superior from time to time.

Qualifications:

• Bachelor's degree or higher, preferably in Business Administration, Accounting, Finance, Management, Economics, Engineering.
• At least 5 years of prior work experience in Finance & Banking industry, in any roles. understanding of banking process and fundamental risk concept. Candidate with prior work experience in operational risk, Internal audit, auditing & accounting in the area of Retail Banking would be an advantage.
• Good command of English both oral and written
• Good knowledge of quantitative analysis
• Persuasive, capable of managing and work in a team and profoundly skilled in planning and organizing.
• Possess logical thinking, problem-solving skills & judgment skills, energetic & self-motivated, a fast learner with very good communication skill.

Job Description:

• Support Senior Management for Retail Banking by assessing non-financial risks, including operational, fraud, compliance, business continuity risk, and designing and testing control structures.
• Proactively support product, process and application owners in assessing non-financial risks and designing controls.
• Organise Risk & Control Self-Assessment workshops.
• Develop product control framework, including process mapping, key risk identification.
• Test the design and effectiveness of control and report on the results of testing to senior management.
• Analyze risk indicators and formulate solutions to address risks.
• Support changes and modification to the overall Control Framework and its related activities for further enhancement and efficiency.
• Review operational manuals and new product launched and provide input from risk perspective.
• Prepare, review risk reports and ensure execution of the action plans and timeline.
• Organise relevant meetings with senior management.
• Perform other functions as may be assigned by the superior from time to time.

Qualifications:

• Bachelor's degree or higher, preferably in Business Administration, Accounting, Finance, Management, Economics, Engineering.
• At least 10 years of prior work experience in Finance & Banking industry, in any roles. understanding of banking process and fundamental risk concept. Candidate with prior work experience in operational risk, Internal audit, auditing & accounting in the area of Retail Banking would be an advantage.
• Good command of English both oral and written
• Good knowledge of quantitative analysis
• Persuasive, capable of managing and work in a team and profoundly skilled in planning and organizing.
• Possess logical thinking, problem-solving skills & judgment skills, energetic & self-motivated, a fast learner with very good communication skill.

Job Description :

• Support Senior Management for Retail Banking by assessing non-financial risks, including operational, fraud, compliance, business continuity risk, and designing and testing control structures.
• Proactively support product, process and application owners in assessing non-financial risks and designing controls.
• Organise Risk & Control Self-Assessment workshops.
• Develop product control framework, including process mapping, key risk identification.
• Test the design and effectiveness of control and report on the results of testing to senior management.
• Analyze risk indicators and formulate solutions to address risks.
• Support changes and modification to the overall Control Framework and its related activities for further enhancement and efficiency.
• Review operational manuals and new product launched and provide input from risk perspective.
• Prepare, review risk reports and ensure execution of the action plans and timeline.
• Organise relevant meetings with senior management.
• Perform other functions as may be assigned by the superior from time to time.

Qualifications:

• Bachelor's degree or higher, preferably in Business Administration, Accounting, Finance, Management, Economics, Engineering.
• At least 5 years of prior work experience in Finance & Banking industry, in any roles. understanding of banking process and fundamental risk concept. Candidate with prior work experience in operational risk, Internal audit, auditing & accounting in the area of Retail Banking would be an advantage.
• Good command of English both oral and written
• Good knowledge of quantitative analysis
• Persuasive, capable of managing and work in a team and profoundly skilled in planning and organizing.
• Possess logical thinking, problem-solving skills & judgment skills, energetic & self-motivated, a fast learner with very good communication skill.

Job Description

Internal Audit

• Conduct audits in accordance with the annual audit plan, from planning through reporting stages.

• Conduct the full audit cycle (planning, fieldwork, drafting issues and follow up with issues)

• Prepare the draft audit program for Internal Audit Manager for review

• Prepare the draft audit findings and recommendation to Internal Audit Manager for review

• Follow up the pending issues with the process owner

• Build and maintain strong relationships with key stakeholders across the Company.

• Perform other special projects and duties as assigned.

Enterprise Risk Management

• Support the ERM program by partnering with the risk owner to establish the ERM framework, risk management

methodology, processes, risk appetite, and risk culture.

• Support the implementation of the ERM tool in INTEQC group.

• Support other functions to identify key enterprise risks

Qualification

1. Bachelor's degree or higher in a relevant study, such as Business Administration, Accounting, Enterprise Risk Management, and related fields.
2. Have a minimum of 7 years' working experience in Internal Audit/ Enterprise Risk Management/ Financial Audit in manufacturing business
3. Have experience in Listed or IPO companies would be preferred
4. Have experience in ERP system (i.e. SAP, Oracle)
5. Strong knowledge of international auditing standards (e.g., IIA Standards, COSO Framework 2013, COSO-ERM framework 2017).
6. Strong knowledge of corporate governance, risk management and internal controls
7. Good communication, analytical, and stakeholder engagement skills.
8. A relevant professional Certification (e.g. IACP, CPIAT) would be preferred.

Remark: Work 6 days a week with flexible day off 2 Saturdays per month.