A&A: Consultant - Manager (GRC / Risk Transformation - Operations Risk Management (ORM))

Work You Will Do

Key Responsibilities

• Conduct session of business and regulatory requirements from stakeholders and finalise the requirements.
• Provide advisory on Operational Risk Management to support good design of system functionality to ensure design aligning with relevant regulatory requirement and good practice.
  • Operational Risk Management Framework and Matrix
  • Operational Risk Management Workflow from end to end including identification, assessment, monitoring, escalation and reporting.
  • Operational Risk Indicators
  • Operational Risk Inventory and Controls
  • Operational Risk Dashboard
  • Incident Management Activities from end-to-end process
• Translate requirements into system specifications and user stories.
• Lead the workshops with client stakeholders and solve the issues properly with good practices and knowledge sharing.
• Prepare documentation including Requirement Traceability Matrix (RTM), Functional Specification Document (FSD), and process flows.
• Support design, configuration, and integration of the ORM module within the GRC platform.
• Develop, execute and manage test cases & scripts and UAT for ORM module.
• Support accuracy and completeness of data migration and system outputs.
• Document test results, track defects, and support resolution.
• Create training materials (such as manuals, quick guides, and e-learning modules) and conduct the trainings.
• Support change management activities for ORM module to ensure effective adoption.
• Manage project delivery, budgets, risks, key stakeholders and communications with clients.
• Supervise and coach junior consultants, reviewing work products to ensure quality and consistency.
• Contribute to business development through proposals, client presentations, and thought leadership.

Your Role as a Leader

• Build and lead diverse teams, providing coaching and development opportunities to junior staff.
• Collaborate across service lines to deliver integrated solutions to clients.
• Inspire confidence and trust in clients through strong stakeholder engagement and communication.
• Drive superior outcomes by aligning project objectives with client strategic priorities.
• Demonstrate integrity, accountability, and inclusive leadership values.

Qualifications

• Bachelor’s or Master’s degree in Business Administration, Risk Management, Finance, Information Systems, or related field.
• 
  For Consultant level
  1–3 years of experience in GRC, Enterprise Risk Management, or Risk Advisory, preferably in the financial services sector.
  
  For Senior Consultant and Manager level
  5–8 years of experience in GRC, Enterprise Risk Management, or Risk Advisory, preferably in the financial services sector.
  • Strong knowledge of ERM frameworks (COSO ORM, ISO 31000) and regulatory standards (Basel II/III, BOT).
  • Experience with GRC platforms (RSA Archer, SAP GRC, MetricStream, or equivalent) is a plus.
  • Archer Certified Administrator (Specialist/Expert), ServiceNow CIS (Risk & Compliance), or equivalent certification is a plus.
  • Proficiency in business analysis, documentation, and stakeholder facilitation.
  • Strong problem-solving, analytical, and communication skills.
  • Professional certifications such as GRC, CISA, CRISC, CISM, CISSP are highly desirable.

Technical Skills

• Exposure to GRC/IRM platforms such as Archer, ServiceNow, or MetricStream.
• Understanding of workflows, reporting, and dashboard.
• Proficiency in Microsoft Excel and PowerPoint for analysis and reporting.

Soft Skills

• Strong client-facing skills with ability to influence and consult at management levels.
• Excellent presentation, facilitation, and communication skills.
• Team-oriented with a willingness to learn and adapt to dynamic client environments.
• Ability to work in structured consulting environments with deadlines and deliverables.
• Critical thinking, strong problem-solving and conflict resolution capabilities

Industry Focus: FSI