Head, Enterprise Risk

Job description

We are seeking an experienced and strategic leader to oversee and integrate Risk Management & Internal Audit, Safety & Security and Environmental, Health & Safety (EHS) functions across our regional operations.

This senior leadership role is responsible for ensuring operational excellence, regulatory compliance, risk mitigation, safety, and security at a regional level.

The successful candidate will drive process optimization, foster a strong safety culture, and strengthen security operations to protect the organization's people, assets, and operations.

The role requires close collaboration with regional leadership teams and global stakeholders to ensure alignment with organizational goals while addressing regional-specific challenges and regulations.

PRIMARY DUTIES AND RESPONSIBILITIES

1.

Risk Management & Internal Audit

• Develop and execute an integrated risk management strategy that provides regional oversight of operational, regulatory, financial, and strategic risks.
  
  Ensure alignment with global risk governance standards and embed risk thinking into day-to-day decision-making processes.
  
  
• Identify, assess, and monitor key risks across the region, enabling timely escalation and mitigation.
  
  Drive forward-looking risk intelligence through data analysis, scenario planning, and stakeholder engagement to support proactive decision-making and business continuity.
  
  
• Streamline audit, compliance, and risk management activities to eliminate inefficiencies and enhance consistency.
  
  Leverage integrated processes such as inspections, internal audits, risk assessments, and certification management (e.g., ISO 14001, ISO 45001, ISO to create a unified assurance model.
  
  
• Design and implement effective internal control frameworks that ensure regulatory compliance, protect organisational assets, and reduce exposure to risk.
  
  Collaborate with internal audit and compliance teams to conduct reviews, identify gaps, and drive remediation.
  
  
• Maintain close oversight of the evolving regulatory landscape across jurisdictions.
  
  Ensure timely adaptation of policies and procedures in line with legal requirements and corporate standards.
  
  Represent the region in audits, regulatory engagements, and compliance reviews.
  
  
• Promote a risk-aware culture by embedding accountability at all levels of the organisation.
  
  Provide guidance, tools, and training to enable leaders and teams to understand their role in managing risk effectively.
  
  
• Identify opportunities to increase efficiency and reduce costs across compliance and risk functions.
  
  Ensure risk management activities are value-adding, data-driven, and aligned with broader business goals.
  
  
• Ensure compliance with the Personal Data Protection Act (PDPA), General Data Protection Regulation (GDPR), and other applicable data privacy regulations.
  
  Oversee the responsibilities of the Data Protection Officer (DPO), including data governance, privacy impact assessments, staff training, policy development, incident response, and engagement with regulators and data subjects

2.

Safety & Security

• Lead the development and execution of an integrated regional safety and security strategy aligned with global standards and business objectives.
  
  Establish clear governance structures, protocols, and accountability mechanisms to ensure the protection of people, assets, and operations.
  
  
• Foster a strong safety and security culture that promotes shared responsibility at all levels of the organisation.
  
  Embed safety and security awareness into daily operations through leadership engagement, visible commitment, and consistent messaging.
  
  Promote behavioural safety and encourage proactive reporting of risks, near misses, and incidents.
  
  
• Oversee the planning and execution of robust emergency response, crisis management, and business continuity processes.
  
  Ensure teams are equipped and trained to respond effectively to incidents involving safety breaches, security threats, or operational disruptions.
  
  
• Manage all aspects of regional security operations, including threat monitoring, vulnerability assessments, incident investigations, and intelligence-led risk mitigation.
  
  Leverage Security Operations Centre (SOC) capabilities and technologies to improve situational awareness, early threat detection, and response effectiveness.
  
  
• Monitor evolving physical and digital security risks and implement appropriate controls to safeguard personnel, infrastructure, and data.
  
  Coordinate preventive measures and enforce compliance with regional laws, industry standards, and corporate security policies.
  
  
• Ensure efficient allocation of security and safety resources across the region.
  
  Identify opportunities to enhance performance, reduce duplication, and achieve cost efficiencies while maintaining rigorous safety and security standards.
  
  
• Lead ongoing reviews of safety and security performance.
  
  Analyse trends, conduct root cause analyses, and apply lessons learned to strengthen policies, training, and operational procedures.
  
  
• Oversee data security in alignment with data protection regulations such as PDPA and GDPR.
  
  Implement and monitor cybersecurity protocols, access controls, and incident response plans to prevent data breaches and ensure the secure handling of personal and sensitive information.
  
  Work closely with IT, legal, and compliance teams to align physical and digital security measures.
  
  

3.

Environment, Health & Safety

• Act as a key regional leader for all EHS initiatives, ensuring alignment with global standards and integration with risk management and security strategies.
  
  Collaborate with cross-functional teams to embed EHS principles into core operations.
  
  
• Lead the implementation and maintenance of internationally recognized EHS management systems (e.g., ISO 14001 for Environmental Management and ISO 45001 for Occupational Health & Safety).
  
  Ensure adherence to all regional environmental, health, and safety regulations and standards.
  
  
• Develop and promote comprehensive EHS training programs across the region to build awareness, reinforce accountability, and ensure consistent application of safety and environmental practices at all levels of the organization.
  
  
• Champion a proactive safety culture that emphasizes prevention, continuous improvement, and shared ownership of EHS responsibilities.
  
  Promote cross-functional initiatives that integrate EHS best practices into daily operations.
  
  
• Identify and implement initiatives that improve environmental sustainability, reduce health and safety risks, and enhance operational resilience.
  
  Monitor performance metrics, analyse trends, and drive corrective actions as needed.
  
  
• Shall undertake other responsibilities or project as assigned by the superior.
  
  

JOB REQUIREMENTS

• Bachelor's degree in engineering, Environmental Science, Occupational Health & Safety, Risk Management, Security, or related field; Master's degree or MBA preferred.
  
  
• Minimum 10 years of experience in senior leadership roles in Risk Management & Internal Audit, Safety & Security or EHS, including experience integrating these functions at a regional level.
  
  
• Proven track record in developing and executing integrated risk and security management strategies, driving operational efficiency, and ensuring regulatory compliance.
  
  
• Strong knowledge of regional regulatory frameworks, international industry standards, and security management best practices.
  
  
• Demonstrated leadership skills with experience managing cross-functional teams, driving cultural change, and fostering collaboration.
  
  
• Excellent communication, presentation, and problem-solving skills with the ability to influence stakeholders across all levels.
  
  
• Relevant certifications are highly desirable: Certified Safety Professional (CSP), ISO certifications, or Security Management certifications.
  
  
• Flexibility to work beyond regular hours, including weekends or extended hours, as required.
  
  

Required Skill Profession

Other General