Lead and manage the implementation of enterprise risk management, business continuity management (BCM), and occupational safety and health (OSH) frameworks across MDEC by establishing policies, conducting risk assessments, and monitoring controls, in order to enhance organisational resilience, ensure regulatory compliance, safeguard employees and assets, and support the achievement of strategic and operational objectives.
Financial Perspective
- Lead enterprise risk, BCM, and OSH initiatives by identifying, assessing, and mitigating key operational and safety risks to minimise financial losses, disruptions, and insurance exposure.
- Advise Management on risk treatment options, business continuity investments, and OSH compliance requirements to support cost-effective allocation of resources and risk mitigation strategies.
- Monitor incidents, near-misses, and risk events by analysing trends and root causes to reduce cost impacts arising from workplace injuries, business interruptions, or operational failures.
Stakeholder Perspective
- Engage Senior Management and business unit leaders by providing risk, BCM, and OSH insights and reports to support informed decision-making and risk-aware operations.
- Liaise with regulators, auditors, insurers, and relevant authorities by ensuring timely compliance, reporting, and coordination to maintain regulatory confidence and organisational credibility.
- Promote employee awareness and participation in risk, BCM, and OSH programmes through effective communication and engagement to strengthen organisational resilience and safety culture.
Internal Process Perspective
- Develop, implement, and maintain enterprise risk management, business continuity, and OSH frameworks, policies, and procedures in line with regulatory requirements and leading practices to ensure consistency and effectiveness.
- Lead enterprise-wide risk assessments, BCM exercises, and OSH hazard identification activities to proactively identify vulnerabilities and strengthen preventive and recovery controls.
- Oversee the development, testing, and maintenance of business continuity and disaster recovery plans to ensure operational readiness and timely recovery from disruptive incidents.
- Monitor the effectiveness of risk mitigation measures, BCM plans, and OSH controls by tracking action plans, incidents, and compliance status to ensure timely closure and continuous improvement.
- Prepare and present comprehensive risk, BCM, and OSH reports, dashboards, and submissions to Management and governance committees to enable oversight and assurance.
Learning & Growth (L&G) Perspective
- Build and develop a competent risk, BCM, and OSH team by providing leadership, coaching, and performance management to ensure effective delivery of divisional objectives.
- Enhance organisational capability in risk management, business continuity, and workplace safety by driving training, simulations, and awareness programmes across the organisation.
- Drive continuous improvement and innovation in risk, BCM, and OSH practices by incorporating lessons learned, emerging risks, and regulatory developments to strengthen organisational resilience.
Qualifications
- Bachelor’s Degree in Risk Management, Business Administration, Occupational Safety & Health, Finance, Accounting, Law or a related discipline.
- Master’s Degree in Business Administration (MBA), Risk Management, Safety & Health, or a related field is preferred.
- Professional certifications such as Certified Risk Management Professional (CRMP), ISO 31000 Risk Management, ISO 22301 Business Continuity Management (BCM), Registered Safety & Health Officer (SHO) / OSH-related certification (for OSH scope) will be an added advantage.
- Formal training in enterprise risk management, BCM, and OSH regulatory requirements is preferred.
Experience
- 8 - 10 years of relevant working experience in risk management, BCM, OSH, compliance, or assurance functions and with at least 3–5 years in a managerial or leadership role overseeing risk, BCM, or OSH initiatives at an organisational level.
- Experienced in designing, implementing, and managing enterprise risk management frameworks, business continuity plans, and OSH programmes.
- Hands-on experience conducting risk assessments, BCM exercises, incident investigations, and safety audits.
- Experienced in engaging with regulators, auditors, insurers, and external stakeholders.
- Prior experience in government-linked companies (GLCs), statutory bodies, regulated industries, or MNC is highly desirable.
Tool Sets
- Enterprise Risk Management (ERM) tools, including risk registers, Risk Appetite Statement (RAS), and control self-assessment methodologies.
- Business Continuity Management tools, including BIA templates, continuity plans, disaster recovery frameworks, and simulation/exercise tools.
- OSH management systems, including hazard identification, incident reporting, and safety audit tools.
- Compliance and assurance tracking systems for monitoring regulatory obligations and corrective actions.
- Data analysis and reporting tools (e.g. advanced Excel, Power BI) for dashboards and management reporting.
- Knowledge of standards and frameworks such as ISO 31000, ISO 22301, ISO 45001, and COSO ERM.