Manager - Risk

Data Privacy and Enterprise Risk Management

As a Data Privacy & Risk Manager, you will be part of the India Risk function and would be responsible for providing oversight and risk advice from second line perspective to India Business on Data Privacy and Non-Financial Risk (NFR) matters.

This role would assist in relaying the MetLife Enterprise framework to India Branch and oversee the application of and ongoing changes. Including the quality, transparency and accuracy Data Privacy, Non-financial risk information and the effectiveness of risk mitigation activities. 

Resource will also be accountable for:

• Oversight, review, and challenge of day-to-day Privacy Incidences, Assessments, Non-financial risk management, reporting and governance. 
• Oversight, review Data Privacy and challenge of risks in change management initiatives executed by or impacting MetLife
• Exercising the voice risk on matters impacting the Data Privacy and Non-financial risk of the branch
• Role-modelling MetLife Data Privacy, Ops risk culture principles and Non-financial risk operating model
• Support the successful delivery, active review and challenge implementation activities in line with policies and practices
• Establish, implement, operate, monitor, review, maintain and improve Data Privacy, Ops Risk practices
• Take corrective and preventive actions, based on Governance structure

Privacy - Comply with legal requirements and avoid breaches of any law, statutory, regulatory or contractual obligations and any other applicable security requirements

§Technology Services – Data Privacy Concepts

§Guide for appropriate security controls for information systems and lead implementation of cost-effective and risk-based information security programs

§Safeguard sensitive data

§Good understanding of US Privacy practices, GDPR, DPDPA 

§Have strong understanding/ experience in technology services

§Incidence Management practices

§Policy governance 

§Experience in Privacy Assessments

Enterprise Risk Management, Compliance

§Technology Services – Enterprise Risk Management

§Provide operational and compliance risk advice to the Business – being the primary contact for relevant Business Unit management on all risk matters

§Contribute to cost effective, seamless and robust operations through robust management and embedding of the MetLife Operational Risk Framework 

§Support the business operations in effective management of operational risk by embedding a culture where risk is everyone’s responsibility

§Rollout periodic training of risk and compliance toolkits across the business area

§Identify and recommend solutions to current and potential Operational threats to business areas

§Ensure that control gaps are identified, assessed for materiality, treatments are implemented and tracked

§Lead effective implementation of risk and compliance initiatives

§Engage Senior Management and stakeholders to ensure appropriate Management oversight is achieved to create appropriate awareness around operational risk

§Align risk appetite and strategy with Risk Framework deployment and Enhance risk response decisions

§Reduce operational surprises and losses

§Identifying and managing multiple and cross-enterprise risks

§Direct and control the organization about risk management

§Improve the identification of opportunities and threats

§Improve stakeholder confidence and trust

§Enhance health and safety performance, as well as environmental protection

§Identify potential problems before they occur so that risk handling activities can be planned and invoked as needed to mitigate adverse impacts on achieving objectives

§Conflict of Interest, Enterprise Compliance Office

Work closely with cross functional teams like IT, Operations, and other enabling partners:

§Partner with IT to design, reengineer & sustain data privacy practices

§Guide IT to plan, establish, implement, operate, monitor, review, maintain and improve Service Management System (SMS)

§Review the technology, management systems, Ops  processes, roles, activities, vendors and suppliers used in the delivery of services

§Bridge the gap between control requirements, technical issues and business risks

Assurance / Audit

§Manage audit programs including establishing the audit programme objectives, establishing the audit programme, implementing the audit programme, monitoring the audit program, reviewing and improving the audit programme

§Conduct systematic and independent audits for obtaining audit evidences and evaluating them objectively to determine the extent to which the audit criteria are fulfilled including Initiating the audit, Preparing audit activities, conducting the audit activities, Preparing and distributing the audit report, completing the audit and conducting audit follow-up

§Facilitate corporate and external audits

Competencies & Skills:

§Individuals with Functional Certifications around Data Privacy and Operational Risk from reliable certifying body with proven track record

§Strong People Leader with proven people skills

§Strong communication and presentation skills; Ability to articulate and influence clients / customers is a critical requirement

§Should be capable of building and sustaining strong relationships with his / her own team, International Clients and Service Partners

Work Experience :

10 yrs+ of work experience in Data Privacy, Operations Risk, Corporate Ethics and Compliance.