Senior Manager IT Risk Management

Talent Insider is an upcoming HR Consultancy Service, founded in 2021. Our clients have been some of the leading brands in Indonesia, and this service continues to expand.

Registered in Singapore & Indonesia, we can assist with your growth plans and strategies, and continue to expand our regional presence with strong regional partners to assist our client in recruitment and branding strategy.

• Assist In Defining The Enterprise Risk Management Framework That Suits Agoda’s Needs; Continue To Adapt It To The Evolving Needs Of Agoda
• Support The Chair To Agoda’s Risk Committee To Develop Agenda For Risk Committee Meetings, Develop Issues Log And Incident Reporting Processes, Coordinate Across Various Risk Functions At Agoda, E.g, Ethics And Compliance At Legal, Privacy At Legal, Security At IT, Etc. To Raise Issues For Risk Committee’s Attention
• Define A Risk Screen That Enables Agoda To Properly Analyze Potential Risk Exposures For All New Innovations; Help Design Mitigation Plans Or Controls Mechanism
• Analyze (and/or Design) IT SOX Controls Supporting Business Processes And Other Compliance Topics To Identify Risks And Control Weaknesses
• Identify Controls That Are Currently In Place, As Well As Any Control Gaps, Based On Identified Risks
• Provide Guidance And Support To Your Business Partners (e.g., Process Owners) In Designing And Implementing Appropriate Controls To Strengthen The Control Environment And Mitigate Risks
• Assist In The Implementation Of, And Ongoing Compliance With The Booking Holding Group ERM Framework (Based Around COSO 2017)
• Assist With Documentation Of Processes By Collaborating With Process Owners And Control Performers
• Develop And Maintain Comprehensive Documentation Including Flow Charts, Process Narratives And Risk And Control Matrices, Segregation Of Duties Matrices And Any Others Required

• A minimum of Bachelor’s degree preferably in Accounting or Finance
• Excellent knowledge of auditing various business operations and risk-based auditing attained through minimum of 10 years of progressive work experience
• Previous experience in a compliance, process, quality or risk control role; experience in setting up and operating Enterprise Risk Management a plus
• Proven success in improving risk management, preferably in a fast-moving tech environment
• Thorough understanding of internal control concepts (especially SOX & COSO) and experience in applying them in various business areas/functions
• Expertise of ITGC concepts and understanding how they fit into the overall Control Landscape. In addition some experience managing IT Risk professionals either directly or via a project would be desirable
• Certified Internal Auditor (CIA), Certified Information System Auditor (CISA), or similar designation highly desirable
• Ability to work independently, productively and part of a team