Job Description:

Risk Strategy & Framework

● Develop and implement enterprise-wide risk management frameworks, policies,

and procedures

● Ensure alignment with business objectives and regulatory requirements

● Continuously enhance risk methodologies, tools, and governance practices

Risk Identification & Assessment

● Lead risk identification exercises across business units (operational, financial,

compliance, strategic risks, and IT system related risks)

● Conduct risk assessments and prioritize key risk areas

● Establish risk registers and maintain up-to-date documentation

Risk Mitigation & Monitoring

● Design and implement risk mitigation plans and controls

● Monitor effectiveness of controls and recommend improvements

● Track key risk indicators (KRIs) and provide regular reporting to leadership

Stakeholder Management

● Partner with senior leadership, business heads, and cross-functional teams to

embed risk awareness into decision-making

● Act as a trusted advisor on risk-related matters

● Facilitate risk discussions in leadership forums and committees

● Develop and deliver regular risk reports to senior management and prepare

high-level risk updates for investors, Board of Directors, and key stakeholders

Business, Regulatory, and Compliance Oversight

● Ensure compliance with relevant laws, regulations, and internal policies

● Liaise with auditors, regulators, and external stakeholders when needed

● Stay updated on regulatory changes and assess impact to business

● Mapping all business processes and review and standardization of all SOPs

Crisis & Incident Management

● Lead risk response during incidents and crises

● Develop business continuity and risk response plans

● Conduct post-incident analysis and drive preventive actions

Loss Prevention & Fraud Management

● Define and execute loss prevention strategy to minimize fraud and operational

losses

● Identify fraud patterns, vulnerabilities, and emerging threats

● Design preventive and detective controls (rules engine, alerts, monitoring systems)

● Partner with Product & Tech to embed fraud prevention into systems and user

flows

● Continuously monitor and optimize fraud rate, loss rate, and control efficiency

Risk Analytics & Data-Driven Decisioning

● Lead the Risk Data Analyst team to build insights, dashboards, and predictive

models

● Translate data into actionable risk strategies and business recommendations

● Develop and monitor Key Risk Indicators (KRIs), fraud metrics, and portfolio

performance

● Drive automation and data-driven decisioning (e.g., rule optimization, scoring

models)

● Collaborate with Data/Tech teams on data infrastructure and risk tooling

Team Leadership

● Lead and develop the risk management team

● Build risk awareness culture across the organization through training and

communication

Requirements:

Experience & Background

● Bachelor’s degree in Finance, Business, Risk Management, or related field (Master’s

is a plus)

● 8–12+ years of experience in Risk Management, Internal Audit, Compliance, or

related roles

● Proven experience in leading risk frameworks at an organizational level

● Experience in fintech, financial services, or high-growth tech companies is a strong

advantage

Core Competencies

● Strong understanding of enterprise risk management (ERM) principles

● Ability to translate complex risks into actionable business insights

● Strong analytical and problem-solving skills

● Excellent stakeholder management and influencing skills (especially with senior

leaders)

● High ownership and ability to operate in fast-paced environments

● Strong executive reporting and data storytelling skills, with the ability to synthesize

complex data into clear, concise, and impactful insights that support strategic

decision-making

Leadership & Soft Skills

● Strategic thinking with strong execution capability

● Strong communication and presentation skills

● Ability to challenge stakeholders constructively

● High integrity and strong risk mindset

● Willingness to be hands-on and visit the fields (e.g. hubs, warehouse) to directly

observe operations to gain ground-level insight

Nice to Have

● Professional certifications related to risk management (e.g., FRM, CRM, CFA, CIA)

● Experience handling regulatory bodies (e.g., OJK, BI if in Indonesia context)

● Experience in observing, implementing, or maintaining ISO standards (e.g., ISO

31000, ISO 27001) within risk management frameworks

● Exposure to digital risk, data/privacy risk, or fraud risk management

● Experience with automated risk monitoring and AI-driven predictive modeling