Associate Director, Group Risk and Compliance

An empowering career at Singtel begins with a Hello. Our purpose, to Empower Every Generation, connects people to the possibilities they need to excel. Every "hello" at Singtel opens doors to new initiatives, growth, and BIG possibilities that takes your career to new heights. So, when you say hello to us, you are really empowered to say…“Hello BIG Possibilities”.

Be a Part of Something BIG!

This is a hands‑on leadership role within Group Risk and Compliance (GRC), accountable for the design, execution, and continual uplift of the Group’s Business Continuity & Resilience (BCM) programme across Singtel Group and its OpCos.

Operating as the Group’s centre of excellence for resilience, the role owns the full BCM lifecycle — from strategy development, implementation, training, testing, exercising, and assurance to continuous improvement — spanning business operations, technology, and network environments.

The incumbent drives the implementation of a Group‑wide resilience framework, ensuring critical business and technology functions have robust continuity and recovery plans, validated through regular exercises and real‑world incident learnings. This includes leading the BCM network across OpCos, uplifting capability maturity, and providing on‑the‑ground coordination and leadership during major incidents or crises to ensure operational continuity and timely recovery.

In addition to BCM responsibilities, the role contributes to Group Risk Governance (approximately 30%), supporting the development and oversight of the Group’s enterprise risk management processes. This includes providing risk governance across key technology domains (this is new as our team does not have such capabilities yet) — including IT, Network, Data, and AI. The role helps ensure these areas are governed within the Group’s risk appetite and integrated into decision‑making processes.

The incumbent also supports Group‑level governance reporting, including preparation of sections on Risk Management and Resilience for the Annual Report and inputs for EMTN (Euro Medium Term Note) investor reporting, ensuring that disclosures accurately reflect the Group’s risk posture and resilience capabilities.

This role works closely with stakeholders across Group Technology, Cybersecurity, Data Governance, and OpCo Risk teams to provide an independent view, strengthen governance structures, and maintain transparent risk reporting to the Risk Management Committee (RMC), and through it, the Board, Risk Committee (RSTC).

Time allocation: ~70% BCM & Resilience / ~30% Risk Governance

• Develop and Implement BCM Strategy: Lead the formulation and execution of a comprehensive Group‑wide Business Continuity, Business Recovery, and Crisis Management Framework, aligned with enterprise risk objectives.
• Framework Governance & Oversight: Ensure consistency and compliance in BCM policies, standards, and procedures across all business units and OpCos, maintaining alignment with regulatory and industry standards.
• Business Impact Analysis & Recovery Planning: Support business units and Corp Centre in conducting Business Impact Analyses (BIAs), defining recovery priorities and dependencies, and developing up‑to‑date Business Continuity & Disaster Recovery Plans (BC&DRPs).
• Crisis Management: Act as a key member of the Crisis Management Team, providing expertise during major incidents or disruptions. Lead post‑incident reviews to identify learnings and improvements.
• Training, Awareness & Exercises: Develop and conduct Group‑wide BCM training, awareness campaigns, and crisis simulation exercises to test readiness at executive and operational levels.
• Monitoring & Reporting: Regularly report the status of BCM programs, test results, and incident outcomes to the RMC and RSTC. Develop performance metrics and maturity assessments for BCM effectiveness.
• Continuous Improvement: Identify and drive initiatives to enhance organizational resilience, ensuring BCM practices evolve in line with emerging threats, technologies, and operational models.

• Technology Risk Oversight: Support the Group’s Risk Governance framework in managing IT, Network, Data, and AI‑related risks, ensuring alignment with Group policies, frameworks, and regulatory expectations.
• Risk Assessment and Reporting: Contribute to periodic Group risk assessments, risk dashboards covering technology and operational domains.
• Governance Documentation and Reporting: Support preparation of Risk Management sections of the Annual Report, EMTN (Euro Medium Term Note) disclosures, and other Board/Committee submissions.
• Corporate Center Risk Management: Partner with Corporate Centers to identify, assess, and mitigate key enterprise and operational risks, ensuring governance consistency across entities.
• Secretariat Backup: Act as backup for Secretariat duties to Jason, including coordination of Risk Committee meetings, preparation of minutes, and tracking of follow‑up actions.
• Strategic Risk Initiatives: Support implementation of strategic risk initiatives and emerging risk reviews — particularly in areas of AI ethics, data governance, cyber resilience, and technology innovation risk.

(This role is based in Singapore and may be required to travel.)

• A good degree in Finance, Accounting, Business, Economics, Engineering or IT
• At least 10‑12 years of risk management, consulting, or auditing work experience
• Experience in working in challenging business environment with proven capabilities in organising, summarising and presenting complex information.
• Advanced knowledge of risk management and control concepts, leading risk management practices and standards (e.g. ISO 22301, ISO 31000, COSO).
• Deep understanding of telco/network architectures (core, transport, RAN), IT infrastructure & applications, data centre and cloud/hybrid environments, and their recovery patterns.
• Track record running crisis events and large‑scale failover/exercise programmes.
• Strong governance, reporting and stakeholder skills with Board/Committee exposure.
• Certifications desired: MBCI/CBCP, ISO 22301 Lead Auditor/Implementer; ITIL, CISM/CISSP or equivalent are a plus.
• Strong analytical and critical thinking skills - independent and objective
• Strong leadership and engagement skills with ability to manage across functions, levels, cultures and geographies.
• Good communication (oral, written) and presentation skills and proven track record in interacting with all levels of management.
• A strong team player with positive attitude. Highly driven, autonomous and resilient. Enjoy working in a dynamic and multi‑cultural team and business environment.

• Flexible work arrangements
• Full suite of health and wellness benefits
• Ongoing training and development programs
• Internal mobility opportunities

Are you ready to say hello to BIG Possibilities?

Take the leap with Singtel to unlock new opportunities and accelerate your growth. Apply now and start your empowering career!

We are committed to a safe and healthy environment for our employees & customers and will require all prospective employees to be fully vaccinated.