Deputy General Manager - Head of Enterprise Risk Management & Strategic Risk

Support the Chief Risk Officer / Head GRCI in all aspects of risk delivery. Oversee daily operations, manage the Division, and meet GRCI agendas while maintaining high performance standards and divisional growth.

Partner closely with the CRO/Head GRCI to implement an Enterprise Risk Management framework focused on Tier 1 & Tier 2 risk reporting (Strategic, Operational, Projects & Investment Risks). Assist in strategic initiatives, coordinate with other functional areas, and ensure all risks are identified, measured, mitigated, and monitored. Manage insurance adequacy and address all lines of insurance prompts.

• Collaborate with the CRO/Head GRCI to adapt and implement Group risk policies, frameworks, and operating models tailored to organizational needs.
• Assist in preparing and managing matters reported to the Risk, Sustainability and Governance (RSGC) Committee, including drafting agendas, tracking Matters Arising, and reviewing key reports (Risk Management Report, Group Technology Reports, Sustainability Report, Hospital License, Anti‑Bribery Management System (ABMS), Business Continuity Management (BCM), Medical Advisory Committee (GMACCG), Key Sentinel/Major Incidents quarterly reporting).
• Identify key risks, develop and execute mitigation plans, and oversee the end‑to‑end risk management process for KPJ, analysing financial and non‑financial impacts.
• Partner with Head of Group Services and Head of Business Units to integrate Tier 1 & Tier 2 risks (investment, project, top & emerging risks) into strategic and operational initiatives, including ESG & ABC risk mitigation and loss event database management.
• Collaborate with other Lines of Defence (Group Legal & Advisory Services, Group Clinical, Internal Audit Services, Compliance & Integrity Unit, Group Sustainability Services) to drive implementation of an integrated risk management framework, monitor high‑risk medical malpractice, coordinate audit plans, and address top ABC risks.
• Provide independent assessments on project & investment risks, challenge proposals for new towers, renovations, acquisitions, and divestments, and perform horizon scanning for emerging risks.
• Champion risk initiatives and innovation through AI, machine learning, advanced analytics, predictive modeling, and real‑time enterprise‑wide risk dashboards.
• Develop outreach, engagement, and risk culture activities, embed risk awareness across all levels, and recommend professional certifications and training syllabi.
• Represent the GRCI in board meetings, industry forums, management meetings, and oversee compliance program implementation aligned with local and international regulations, monitoring AML, ABC, data privacy and integrity frameworks.

• Bachelor’s Degree in Accounting or Finance.
• Chartered Accountant, Certified Risk Professional, or Certified Integrity Officer (CEIO) is an added advantage.

KPJ Healthcare Berhad is a leading private healthcare provider in Malaysia, operating over 29 specialist hospitals across the country and internationally in Indonesia, Bangkok, and Bangladesh. The Group’s core values—Safety, Courtesy, Integrity, Professionalism, and Continuous Improvement—drive a network of high‑quality medical specialist services and a commitment to innovation in digital health technologies.

• Which of the following statements best describes your right to work in Malaysia?
• What is your expected monthly basic salary?
• Which of the following types of qualifications do you have?