32 Compliance Analyst jobs in Pakistan

About US Mobile

US Mobile is on a mission to revolutionize connectivity. Imagine a world where you can go into a single app and buy terabytes of data for every one of your devices: phone, smart devices, car, home broadband, and more. That’s the future that US Mobile is building: a software platform built truly for the 21st century and the age of 5G and IoT, with world class engineering, best-in-class user experience, and features that will define the next generation of connectivity for customers in the US.

At the core of it all, our people are the driving force behind our success. We’re one collaborative, driven, and empowered team on a mission to build a product that makes the lives of our customers easier.

About the Role

As a SOC 1 Compliance Analyst you’ll join our Compliance & Risk team. Your role would cover maintaining strong financial controls critical to how we support millions of customers with transparency and trust.

In this role, you'll help ensure our internal controls over financial reporting (ICFR) meet SOC 1 (SSAE 18) standards, working closely with Finance, Accounting, and Audit teams. We’re looking for someone with a background in audit, accounting, or compliance, who understands control frameworks like COSO and thrives in a fast-paced, tech-driven environment.

This role is based in Pakistan and can be performed on-site from either our Lahore or Karachi office.

Qualification Criteria:

Industry Background:

Ideal candidate should have strong background and experience in finance & auditing.

Academic Qualification:

Degree in Finance/Auditing or be a Certified Accountant (ACCA, CA, CPA, CISA)

What US Mobile Offers

Competitive Above-Market Salary: We recognize and reward exceptional talent.

Comprehensive Health Coverage: Medical plans to keep you and your family covered.

Free Meals & Drinks: Enjoy complimentary food and beverages to keep you energized.

Relocation Support: We assist with relocation for the right candidate.

Vibrant Startup Culture: Work in an agile, innovative, and supportive environment that encourages growth and flexibility. We deeply care about our customers and employees alike.

Join USM to help shape an organization that values people at its core.

If you’re passionate about People Strategy and excited about making a meaningful impact, we’d love to hear from you!

Apply Now and be part of a team that’s redefining the customer experience and workplace culture at US Mobile.

#J-18808-Ljbffr

About US Mobile US Mobile is on a mission to revolutionize connectivity. Imagine a world where you can go into a single app and buy terabytes of data for every one of your devices: phone, smart devices, car, home broadband, and more. That’s the future that US Mobile is building: a software platform built truly for the 21st century and the age of 5G and IoT, with world class engineering, best-in-class user experience, and features that will define the next generation of connectivity for customers in the US. At the core of it all, our people are the driving force behind our success. We’re one collaborative, driven, and empowered team on a mission to build a product that makes the lives of our customers easier. About the Role As a

SOC 1 Compliance Analyst

you’ll join our

Compliance & Risk team.

Your role would cover maintaining strong financial controls critical to how we support millions of customers with transparency and trust. In this role, you'll help ensure our internal controls over financial reporting (ICFR) meet SOC 1 (SSAE 18) standards, working closely with Finance, Accounting, and Audit teams. We’re looking for someone with a background in audit, accounting, or compliance, who understands control frameworks like COSO and thrives in a fast-paced, tech-driven environment. This role is based in Pakistan and can be performed on-site from either our Lahore or Karachi office. Qualification Criteria: Industry Background: Ideal candidate should have strong background and experience in finance & auditing. Academic Qualification: Degree in Finance/Auditing or be a Certified Accountant (ACCA, CA, CPA, CISA) What US Mobile Offers Competitive Above-Market Salary:

We recognize and reward exceptional talent. Comprehensive Health Coverage:

Medical plans to keep you and your family covered. Free Meals & Drinks:

Enjoy complimentary food and beverages to keep you energized. Relocation Support:

We assist with relocation for the right candidate. Vibrant Startup Culture:

Work in an agile, innovative, and supportive environment that encourages growth and flexibility. We deeply care about our customers and employees alike. Join USM to help shape an organization that values people at its core. If you’re passionate about People Strategy and excited about making a meaningful impact, we’d love to hear from you! Apply Now and be part of a team that’s redefining the customer experience and workplace culture at US Mobile.

#J-18808-Ljbffr

About US Mobile US Mobile is on a mission to revolutionize connectivity. Imagine a world where you can go into a single app and buy terabytes of data for every one of your devices: phone, smart devices, car, home broadband, and more. That’s the future that US Mobile is building: a software platform built truly for the 21st century and the age of 5G and IoT, with world class engineering, best-in-class user experience, and features that will define the next generation of connectivity for customers in the US. At the core of it all, our people are the driving force behind our success. We’re one collaborative, driven, and empowered team on a mission to build a product that makes the lives of our customers easier. About the Role As a

SOC 2 Compliance Analyst

you’ll join our

Compliance & Risk team.

In this role, you will be responsible for managing both compliance and technical security controls Your responsibilities would include implementing and maintaining security systems, gathering audit evidence, documenting processes, and supporting both internal and external assessments. You’ll configure and monitor tools such as firewalls, IDS/IPS, and vulnerability scanners; participate in incident response; and collaborate with teams to align policies with SOC 2 Trust Services Criteria, penetration testing, and all compliance reporting in accordance with established guidelines. Strong communication skills and a solid technical background are essential. This role is based in Pakistan and can be performed on-site from either our Lahore or Karachi office. Qualification Criteria: Industry Background: Ideal candidate should have strong background and experience in finance & auditing. Academic Qualification: Be a qualified CISSP, CCSP or have relevant Certification. What US Mobile Offers Competitive Above-Market Salary:

We recognize and reward exceptional talent. Comprehensive Health Coverage:

Medical plans to keep you and your family covered. Free Meals & Drinks:

Enjoy complimentary food and beverages to keep you energized. Relocation Support:

We assist with relocation for the right candidate. Vibrant Startup Culture:

Work in an agile, innovative, and supportive environment that encourages growth and flexibility. We deeply care about our customers and employees alike. Join USM to help shape an organization that values people at its core. If you’re passionate about People Strategy and excited about making a meaningful impact, we’d love to hear from you! Apply Now and be part of a team that’s redefining the customer experience and workplace culture at US Mobile.

#J-18808-Ljbffr

Company Overview:

When it comes to IT solution providers, there are a lot of choices. But when it comes to providers with innovative and differentiating end-to-end service offerings, there’s really only one: Zones – First Choice for IT.TM

Zones is a Global Solution Provider of end-to-end IT solutions with an unmatched supply chain. Positioned to be the IT partner you need, Zones, a Minority Business Enterprise (MBE) in business for over 35 years, specializes in Digital Workplace, Cloud & Data Center, Networking, Security, and Managed/Professional/Staffing services. Operating in more than 120 countries, leveraging a robust portfolio, and utilizing the highest certification levels from key partners, including Microsoft, Apple, Cisco, Lenovo, Adobe, and more, Zones has mastered the science of building digital infrastructures that change the way business does business ensuring whatever they need, they can Consider IT Done. Follow Zones, LLC on Twitter @Zones, and LinkedIn and Facebook.

Position Overview:

As the Information Security Analyst - Compliance & Risk Management, you will analyze management and technical controls to ensure compliance with security requirements. This includes mapping regulatory and security requirements across the information security framework and tracking enterprise compliance across multiple security frameworks. You will also assist internal teams in preparing for internal and external assessments and audits, collaborate on critical IT projects to address security policy and risk issues, and develop key performance metrics to track and ensure compliance with policies and standards.

What you’ll do as the Information Security Analyst – Compliance & Risk Management:

Employees employed in the role of Information Security Analyst – Compliance & Risk Management shall be required to apply their independent mind and demonstrate intellectual abilities in their decision-making.

The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Analyze management and technical controls to ensure specific security and compliance requirements are met.
• Map regulatory/security requirements across the information security framework.
• Track enterprise compliance across multiple security frameworks including ISO27001, 27701, SOC2, GDPR, and PCI-DSS, maintaining up-to-date records of requirements and corresponding mitigating controls.
• Help internal teams with readiness for internal/external assessments/audits against industry standards and review programs/documentation for conformance.
• Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle.
• Develop key performance metrics to track and ensure compliance with established policies and standards.

What you will bring to the team:

• 5-7 years of information security experience.
• Experience with ISO 27001, SOC 2, and PCI-DSS compliance.
• Strong communication skills (verbal and written).
• Ability to meet deadlines and work under pressure.
• Experience of working in US-based multinational organizations is a plus.
• Security certifications such as CISSP/CISA, ISO27001.
• Extensive experience with auditing vendors/service providers/partners for compliance with security.
• Experience of working extensively with the Engineering teams (system admin, network admin, security admin, application teams) to effectively communicate the compliance requirements
• Bachelor’s degree in Computer Science or Information Technology.

Zones offers a comprehensive Benefits package

At Zones, we are committed to fostering an inclusive and diverse workplace where every team member is valued and supported. We offer a comprehensive benefits package that includes employee life insurance, health coverage for employees, spouse, and children, along with optional discounted coverage for parents. Additional benefits include, Voluntary Pension Fund Scheme, EOBI, complimentary meals, and access to an in-house gym.

We take pride in being an equal opportunity employer and are dedicated to maintaining a workplace free from discrimination of any kind. If you're passionate about driving innovation in IT, sales, engineering, or operations, Zones provide a dynamic and collaborative environment to grow your career.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin or on the basis of disability.

Job timings: 08:00 PM to 05:00 AM (Pk time)

#J-18808-Ljbffr

Information Security Analyst – Compliance & Risk Management

Join to apply for the Information Security Analyst – Compliance & Risk Management role at Zones IT Solutions

Information Security Analyst – Compliance & Risk Management

Join to apply for the Information Security Analyst – Compliance & Risk Management role at Zones IT Solutions

Get AI-powered advice on this job and more exclusive features.

Description

Company Overview:

When it comes to IT solution providers, there are a lot of choices. But when it comes to providers with innovative and differentiating end-to-end service offerings, there’s really only one: Zones – First Choice for IT.TM

Zones is a Global Solution Provider of end-to-end IT solutions with an unmatched supply chain. Positioned to be the IT partner you need, Zones, a Minority Business Enterprise (MBE) in business for over 35 years, specializes in Digital Workplace, Cloud & Data Center, Networking, Security, and Managed/Professional/Staffing services. Operating in more than 120 countries, leveraging a robust portfolio, and utilizing the highest certification levels from key partners, including Microsoft, Apple, Cisco, Lenovo, Adobe, and more, Zones has mastered the science of building digital infrastructures that change the way business does business ensuring whatever they need, they can Consider IT Done. Follow Zones, LLC on Twitter @Zones, and LinkedIn and Facebook.

Position Overview

As the Information Security Analyst - Compliance & Risk Management, you will analyze management and technical controls to ensure compliance with security requirements. This includes mapping regulatory and security requirements across the information security framework and tracking enterprise compliance across multiple security frameworks. You will also assist internal teams in preparing for internal and external assessments and audits, collaborate on critical IT projects to address security policy and risk issues, and develop key performance metrics to track and ensure compliance with policies and standards.

What you’ll do as the Information Security Analyst – Compliance & Risk Management:

Employees employed in the role of Information Security Analyst – Compliance & Risk Management shall be required to apply their independent mind and demonstrate intellectual abilities in their decision-making.

The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Analyze management and technical controls to ensure specific security and compliance requirements are met.
• Map regulatory/security requirements across the information security framework.
• Track enterprise compliance across multiple security frameworks including ISO27001, 27701, SOC2, GDPR, and PCI-DSS, maintaining up-to-date records of requirements and corresponding mitigating controls.
• Help internal teams with readiness for internal/external assessments/audits against industry standards and review programs/documentation for conformance.
• Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle.
• Develop key performance metrics to track and ensure compliance with established policies and standards.
  
  

What You Will Bring To The Team

• 5-7 years of information security experience.
• Experience with ISO 27001, SOC 2, and PCI-DSS compliance.
• Strong communication skills (verbal and written).
• Ability to meet deadlines and work under pressure.
• Experience of working in US-based multinational organizations is a plus.
• Security certifications such as CISSP/CISA, ISO27001.
• Extensive experience with auditing vendors/service providers/partners for compliance with security.
• Experience of working extensively with the Engineering teams (system admin, network admin, security admin, application teams) to effectively communicate the compliance requirements
• Bachelor’s degree in Computer Science or Information Technology.
  
  

Zones offers a comprehensive Benefits package

At Zones, we are committed to fostering an inclusive and diverse workplace where every team member is valued and supported. We offer a comprehensive benefits package that includes employee life insurance, health coverage for employees, spouse, and children, along with optional discounted coverage for parents. Additional benefits include, Voluntary Pension Fund Scheme, EOBI, complimentary meals, and access to an in-house gym.

We take pride in being an equal opportunity employer and are dedicated to maintaining a workplace free from discrimination of any kind. If you're passionate about driving innovation in IT, sales, engineering, or operations, Zones provide a dynamic and collaborative environment to grow your career.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin or on the basis of disability.

Job timings: 08:00 PM to 05:00 AM (Pk time)

Seniority level

• Seniority level Not Applicable

Employment type

• Employment type Full-time

Job function

• Job function Information Technology
• Industries Computer Hardware Manufacturing, Software Development, and IT Services and IT Consulting

Referrals increase your chances of interviewing at Zones IT Solutions by 2x

Sign in to set job alerts for “Information Security Analyst” roles.

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Information Security Analyst – Compliance & Risk Management

Join to apply for the

Information Security Analyst – Compliance & Risk Management

role at

Zones IT Solutions Information Security Analyst – Compliance & Risk Management

Join to apply for the

Information Security Analyst – Compliance & Risk Management

role at

Zones IT Solutions Get AI-powered advice on this job and more exclusive features. Description

Company Overview:

When it comes to IT solution providers, there are a lot of choices. But when it comes to providers with innovative and differentiating end-to-end service offerings, there’s really only one: Zones – First Choice for IT.TM

Zones is a Global Solution Provider of end-to-end IT solutions with an unmatched supply chain. Positioned to be the IT partner you need, Zones, a Minority Business Enterprise (MBE) in business for over 35 years, specializes in Digital Workplace, Cloud & Data Center, Networking, Security, and Managed/Professional/Staffing services. Operating in more than 120 countries, leveraging a robust portfolio, and utilizing the highest certification levels from key partners, including Microsoft, Apple, Cisco, Lenovo, Adobe, and more, Zones has mastered the science of building digital infrastructures that change the way business does business ensuring whatever they need, they can Consider IT Done. Follow Zones, LLC on Twitter @Zones, and LinkedIn and Facebook.

Position Overview

As the Information Security Analyst - Compliance & Risk Management, you will analyze management and technical controls to ensure compliance with security requirements. This includes mapping regulatory and security requirements across the information security framework and tracking enterprise compliance across multiple security frameworks. You will also assist internal teams in preparing for internal and external assessments and audits, collaborate on critical IT projects to address security policy and risk issues, and develop key performance metrics to track and ensure compliance with policies and standards.

What you’ll do as the Information Security Analyst – Compliance & Risk Management:

Employees employed in the role of Information Security Analyst – Compliance & Risk Management shall be required to apply their independent mind and demonstrate intellectual abilities in their decision-making.

The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Analyze management and technical controls to ensure specific security and compliance requirements are met. Map regulatory/security requirements across the information security framework. Track enterprise compliance across multiple security frameworks including ISO27001, 27701, SOC2, GDPR, and PCI-DSS, maintaining up-to-date records of requirements and corresponding mitigating controls. Help internal teams with readiness for internal/external assessments/audits against industry standards and review programs/documentation for conformance. Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle. Develop key performance metrics to track and ensure compliance with established policies and standards.

What You Will Bring To The Team

5-7 years of information security experience. Experience with ISO 27001, SOC 2, and PCI-DSS compliance. Strong communication skills (verbal and written). Ability to meet deadlines and work under pressure. Experience of working in US-based multinational organizations is a plus. Security certifications such as CISSP/CISA, ISO27001. Extensive experience with auditing vendors/service providers/partners for compliance with security. Experience of working extensively with the Engineering teams (system admin, network admin, security admin, application teams) to effectively communicate the compliance requirements Bachelor’s degree in Computer Science or Information Technology.

Zones offers a comprehensive Benefits package

At Zones, we are committed to fostering an inclusive and diverse workplace where every team member is valued and supported. We offer a comprehensive benefits package that includes employee life insurance, health coverage for employees, spouse, and children, along with optional discounted coverage for parents. Additional benefits include, Voluntary Pension Fund Scheme, EOBI, complimentary meals, and access to an in-house gym.

We take pride in being an equal opportunity employer and are dedicated to maintaining a workplace free from discrimination of any kind. If you're passionate about driving innovation in IT, sales, engineering, or operations, Zones provide a dynamic and collaborative environment to grow your career.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin or on the basis of disability.

Job timings: 08:00 PM to 05:00 AM (Pk time) Seniority level

Seniority level Not Applicable Employment type

Employment type Full-time Job function

Job function Information Technology Industries Computer Hardware Manufacturing, Software Development, and IT Services and IT Consulting Referrals increase your chances of interviewing at Zones IT Solutions by 2x Sign in to set job alerts for “Information Security Analyst” roles.

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Company Overview: When it comes to IT solution providers, there are a lot of choices. But when it comes to providers with innovative and differentiating end-to-end service offerings, there’s

really only

one: Zones – First Choice for IT.TM Zones is a Global Solution Provider of end-to-end IT solutions with an unmatched supply chain. Positioned to be the IT partner you need, Zones, a Minority Business Enterprise (MBE) in business for over 35 years, specializes in Digital Workplace, Cloud & Data Center, Networking, Security, and Managed/Professional/Staffing services. Operating in more than 120 countries, leveraging a robust portfolio, and utilizing the highest certification levels from key partners, including Microsoft, Apple, Cisco, Lenovo, Adobe, and more, Zones has mastered the science of building digital infrastructures that change the way business does business ensuring whatever they need, they can Consider IT Done. Follow Zones, LLC on Twitter @Zones, and LinkedIn and Facebook. Position Overview: As the Information Security Analyst - Compliance & Risk Management, you will analyze management and technical controls to ensure compliance with security requirements. This includes mapping regulatory and security requirements across the information security framework and tracking enterprise compliance across multiple security frameworks. You will also assist internal teams in preparing for internal and external assessments and audits, collaborate on critical IT projects to address security policy and risk issues, and develop key performance metrics to track and ensure compliance with policies and standards. What you’ll do as the

Information Security Analyst – Compliance & Risk Management: Employees employed in the role of

Information Security Analyst – Compliance & Risk Management

shall be required to apply their independent mind and demonstrate intellectual abilities in their decision-making. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Analyze management and technical controls to ensure specific security and compliance requirements are met. Map regulatory/security requirements across the information security framework. Track enterprise compliance across multiple security frameworks including ISO27001, 27701, SOC2, GDPR, and PCI-DSS, maintaining up-to-date records of requirements and corresponding mitigating controls. Help internal teams with readiness for internal/external assessments/audits against industry standards and review programs/documentation for conformance. Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle. Develop key performance metrics to track and ensure compliance with established policies and standards. What you will bring to the team: 5-7 years of information security experience. Experience with ISO 27001, SOC 2, and PCI-DSS compliance. Strong communication skills (verbal and written). Ability to meet deadlines and work under pressure. Experience of working in US-based multinational organizations is a plus. Security certifications such as CISSP/CISA, ISO27001. Extensive experience with auditing vendors/service providers/partners for compliance with security. Experience of working extensively with the Engineering teams (system admin, network admin, security admin, application teams) to effectively communicate the compliance

requirements Bachelor’s degree in Computer Science or Information Technology. Zones offers a comprehensive Benefits package

At Zones, we are committed to fostering an inclusive and diverse workplace where every team member is valued and supported. We offer a comprehensive benefits package that includes employee life insurance, health coverage for employees, spouse, and children, along with optional discounted coverage for parents. Additional benefits include, Voluntary Pension Fund Scheme, EOBI, complimentary meals, and access to an in-house gym. We take pride in being an equal opportunity employer and are dedicated to maintaining a workplace free from discrimination of any kind. If you're passionate about driving innovation in IT, sales, engineering, or operations, Zones provide a dynamic and collaborative environment to grow your career. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin or

on the basis of

disability. Job timings:

08:00 PM to

05:00 AM (Pk time)

#J-18808-Ljbffr

Lead Manager – Strategic, Financial and Compliance Risks

April 07, 2025

JOB DETAILS:

Qualification & Experience:

CA or ACMA with at least 6 years of post-membership relevant experience.
Or
ACCA or MBA (Finance) from HEC recognized university with at least 9 years of relevant experience. Certification like CIMA or CIA will be an added advantage. Candidate must have at least 04 years of relevant experience as a Functional / Team Lead. Training in ISO 31000 on risk management will be a plus.

Responsibilities:

JOB SUMMARY

The purpose of this position is to ensure implementation of Strategic, Financial and Compliance Risk Management activities as defined in the ERM framework of SSGC. The position is also responsible for implementing and maintaining the ERM Framework, maintaining and implementing company processes and policies across SSGC.

JOB RESPONSIBILITIES

• Oversees and promotes the development and implementation of the ERM Framework for providing guidance, facilitation to the first line of defense, in identifying, assessing, evaluating, categorizing, prioritizing, monitoring, and controlling all significant risks facing the entity by reviewing and approving risk management methodologies.
• Provides guidance in identifying and assessing risk and determining the adequacy and cost-effectiveness of controls.
• Implements processes, systems, procedures, and data management capabilities to support the enterprise-wide risk management framework.
• Implements risk management information requirements (including risk metrics and reports), reporting thresholds, and early warning indicators.
• Reports all risk exposures identified with the help of risk owner’s departments at SSGC in relation to approved risk appetite and tolerance limits to CRO.
• Works with other heads of departments to ensure monitoring and compliance with the approved Enterprise Risk Management Framework.
• Monitors internal controls and systems of SSGC relevant to risk management.
• Arranges Risk Workshops and drives action points for implementation in coordination with the HoDs, Risk Champions, and Risk Owners.
• Develops and recommends the risk appetite and risk tolerance limits for the consideration of RMC.
• Monitors risk parameters against the risk tolerance limits, approved by the RMC and BRMC as reported and identified by the Risk Owners and Heads of Departments.
• Presents Risk Reports to CRO periodically.
• Drafts risk policies and procedures for review and recommendation of RMC.
• Plans the risk management-related awareness amongst SSGC departments regarding the need and importance of this exercise and ensures the correct implementation of the program through guided training sessions and/or e-learning modules.
• Presents updated Contract registers to the CRO, RMC, and BRMC as and when required.
• Automates ERM Processes through implementation and maintenance of ERM Software.
• Ensures close coordination with individual departments in proper articulation of risks and determination of the severity of impact as well as probability of its occurrence, using a top-down as well as a bottom-up approach.
• Coordinates with Internal Audit Department for arrangement of Risk-based Audits.
• Facilitates business and support groups in risk-based performance evaluation.
• Conducts risk-related reviews as assigned by CRO, RMC, and BRMC and ensures that findings of those reviews are reported to business units, Senior Management, and if appropriate to the Board.
• Convenes RMC / BRMC meetings as per TORS and approved rules of business.
• Ensures identification of successors for key positions through proper development.
• Facilitates learning through trainings in coordination with Human Resource Management Group and interactive sessions among the employees.
• Appraises the performance of employees deputed in the ERM department.
• Reports Key Risks in the Annual Report.
• Oversees quality reviews of Divisional and Departmental risk management, policies, process, people, Audit & Compliance Reports to identify iterative risks and systems.
• Assists the departments in categorization of the risks as per pre-defined criteria into categories including “critical”, “catastrophic” etc. based on level of severity and likelihood of happening (e.g. almost certain, likely, possible) as defined in the ERM Framework.
• Builds and improves capabilities to respond effectively to low probability, critical, and catastrophic risks.
• Develops risk registers for documenting, storing, and maintaining risk information and conducts in-depth analysis of key risks by obtaining information and data from SSGC departments.
• Manages the program to update the Risk Registers on a monthly basis with the active participation of the respective departments.
• Ensures to prepare comprehensive management reports from the consolidated risk-related information.
• Presents the reports to the Risk Management Committee and Board’s Risk Committee on a quarterly basis for inputs and monitors the progress of the necessary actions by departments in order to mitigate the identified risks.

#J-18808-Ljbffr

Lead Manager – Strategic, Financial and Compliance Risks April 07, 2025 JOB DETAILS: Qualification & Experience: CA or ACMA with at least 6 years of post-membership relevant experience. Or ACCA or MBA (Finance) from HEC recognized university with at least 9 years of relevant experience. Certification like CIMA or CIA will be an added advantage. Candidate must have at least 04 years of relevant experience as a Functional / Team Lead. Training in ISO 31000 on risk management will be a plus. Responsibilities: JOB SUMMARY The purpose of this position is to ensure implementation of Strategic, Financial and Compliance Risk Management activities as defined in the ERM framework of SSGC. The position is also responsible for implementing and maintaining the ERM Framework, maintaining and implementing company processes and policies across SSGC. JOB RESPONSIBILITIES Oversees and promotes the development and implementation of the ERM Framework for providing guidance, facilitation to the first line of defense, in identifying, assessing, evaluating, categorizing, prioritizing, monitoring, and controlling all significant risks facing the entity by reviewing and approving risk management methodologies. Provides guidance in identifying and assessing risk and determining the adequacy and cost-effectiveness of controls. Implements processes, systems, procedures, and data management capabilities to support the enterprise-wide risk management framework. Implements risk management information requirements (including risk metrics and reports), reporting thresholds, and early warning indicators. Reports all risk exposures identified with the help of risk owner’s departments at SSGC in relation to approved risk appetite and tolerance limits to CRO. Works with other heads of departments to ensure monitoring and compliance with the approved Enterprise Risk Management Framework. Monitors internal controls and systems of SSGC relevant to risk management. Arranges Risk Workshops and drives action points for implementation in coordination with the HoDs, Risk Champions, and Risk Owners. Develops and recommends the risk appetite and risk tolerance limits for the consideration of RMC. Monitors risk parameters against the risk tolerance limits, approved by the RMC and BRMC as reported and identified by the Risk Owners and Heads of Departments. Presents Risk Reports to CRO periodically. Drafts risk policies and procedures for review and recommendation of RMC. Plans the risk management-related awareness amongst SSGC departments regarding the need and importance of this exercise and ensures the correct implementation of the program through guided training sessions and/or e-learning modules. Presents updated Contract registers to the CRO, RMC, and BRMC as and when required. Automates ERM Processes through implementation and maintenance of ERM Software. Ensures close coordination with individual departments in proper articulation of risks and determination of the severity of impact as well as probability of its occurrence, using a top-down as well as a bottom-up approach. Coordinates with Internal Audit Department for arrangement of Risk-based Audits. Facilitates business and support groups in risk-based performance evaluation. Conducts risk-related reviews as assigned by CRO, RMC, and BRMC and ensures that findings of those reviews are reported to business units, Senior Management, and if appropriate to the Board. Convenes RMC / BRMC meetings as per TORS and approved rules of business. Ensures identification of successors for key positions through proper development. Facilitates learning through trainings in coordination with Human Resource Management Group and interactive sessions among the employees. Appraises the performance of employees deputed in the ERM department. Reports Key Risks in the Annual Report. Oversees quality reviews of Divisional and Departmental risk management, policies, process, people, Audit & Compliance Reports to identify iterative risks and systems. Assists the departments in categorization of the risks as per pre-defined criteria into categories including “critical”, “catastrophic” etc. based on level of severity and likelihood of happening (e.g. almost certain, likely, possible) as defined in the ERM Framework. Builds and improves capabilities to respond effectively to low probability, critical, and catastrophic risks. Develops risk registers for documenting, storing, and maintaining risk information and conducts in-depth analysis of key risks by obtaining information and data from SSGC departments. Manages the program to update the Risk Registers on a monthly basis with the active participation of the respective departments. Ensures to prepare comprehensive management reports from the consolidated risk-related information. Presents the reports to the Risk Management Committee and Board’s Risk Committee on a quarterly basis for inputs and monitors the progress of the necessary actions by departments in order to mitigate the identified risks.

#J-18808-Ljbffr