Risk Lead

Hyderabad
Finance – Finance
On-site
The Risk Lead reports functionally to the Audit and Risk Management Committee for strategic direction and accountability purposes, and reports administratively to the VP, General Counsel to facilitate administrative and day-to-day operations. The Risk Lead has direct communication access to the Chief Executive Officer and the Audit and Risk Management Committee and reports to them directly on developing and maintaining the Risk Framework. The role contributes to Appen’s adherence to our strategic plan, ensuring that enterprise risk and assurance mechanisms are managed, and drives continuous improvements across the company. The role will also have a dotted-line alignment to the Senior Director of Cyber Security and the VP, Crowd Engagement and Success for key risk topics.

Responsibilities

    • The Risk Lead provides subject matter advice and support on risk projects and activities. This role supports the Executive and staff to identify, manage and report risks. The role is also responsible for building capability on risk management and risk frameworks, and for supporting the development and strengthening of the risk culture. This includes conducting reviews to ensure that procedures, controls, issue resolution and risk mitigation activities are appropriate by identifying issues, risks and trends needing attention and recommending appropriate actions or escalating these issues as required.

    • Risk:
    • Maintain and further develop Appen’s risk management framework and its linkages to planning and governance processes.
    • Manage the evaluation of business processes and reporting mechanisms in relation to Appen’s risk management framework.
    • Provide advice, guidance and training to strategic and operational areas on better practice risk management activities to embed a positive risk culture across Appen.
    • Undertake ongoing work including, but not limited to, coordinating Appen’s risk appetite, risk assurance maps, risk profiles, risk treatment plans and other risk reporting.
    • Establish and maintain the internal and external relationships necessary for effective risk management in Appen. This is to ensure that staff adopt appropriate risk practices and mitigation measures. Activities may include the development and delivery of workshops and training to staff.

    • Internal Audit:
    • Develop and deliver the Strategic Internal Audit Plan.
    • Identify audits and reviews that strategically align with Appen’s objectives
    • Execute audits in accordance with the required International Standards and internal guidance.
    • Communicate and discuss findings with senior and business unit management, including clear identification of root causes and linked risks.
    • Develop balanced internal audit reports, clearly identifying opportunities and strengths in a concise manner.
    • Provide pragmatic recommendations to mitigate or address identified opportunities.
    • Conduct follow-up reviews of findings
    • Manage co-sourced auditors where specialized reviews are required.
    • Develop meaningful working relationships with key business stakeholders
    • Foster continuous learning through evaluation of audits and reviews
    • Provide ongoing guidance and support to the Executive team.
    • Prepare reporting for the Audit & Risk Management Committee and present findings and recommendations of work performed.

    • IT Risk and Compliance:
    • Develop and implement IT risk management strategies, policies, and procedures to ensure the security and integrity of Appen’s information systems and data.
    • Conduct regular IT risk assessments and audits to identify vulnerabilities and ensure compliance with relevant regulations and standards.
    • Collaborate with the Senior Director of Cyber Security to align IT risk management practices with overall cyber security strategies.
    • Collaborate and support the Data Protection Officer in data privacy enhancing initiatives.
    • Monitor and report on data protection and IT risk exposure and develop risk mitigation plans to address identified risks.
    • Ensure compliance with IT-related regulatory requirements and industry best practices.
    • Provide training and support to staff on IT risk management and compliance issues.
    • Develop and maintain data protection risk registers, ensuring they are up-to-date and reflect current risk statuses.
    • Coordinate with external auditors and regulatory bodies during IT audits and assessments.

Qualifications and Experience

    • CPA Qualified
    • 5 years in a similar role (relevant experience)
    • Commercial experience in the IT industry.
    • Effective verbal and written communication skills, with the ability to convey technical information clearly and concisely.
    • Certifications such as Certified in Risk and Information Systems Control (CRISC) would be an added advantage.