Who we are
Amplify Health Asia Pte. Limited (Amplify Health) is a leading health technology and analytics organization, providing our customers with integrated solutions to improve outcomes for individuals and the sustainability of health systems.
The vision for Amplify Health is to be a leading digital health technology and integrated solutions business. We aim to be a trusted custodian of Asia's largest repository of health data, unifying financial, clinical, operational and behavioural data to empower our customers with insights that highlight opportunities to deliver better value and care outcomes.
Our Culture and Values
At Amplify Health, we believe in fostering a culture that embodies the spirit of Courageous Entrepreneurs. We are passionate and innovative individuals who continuously strive to push boundaries and think outside the box. We understand that calculated risks are essential for driving progress, and we view failures as valuable opportunities to learn and grow.
As Outstanding People, collaboration, learning, and growth are at the core of our values. We trust and rely on each other, working together as a unified team to achieve our goals. When success comes our way, we celebrate it as a collective achievement, and we are committed to improving and excelling together.
We firmly believe in the mantra of Discuss, Decide, Do. Listening is fundamental in our decision-making process, and we act promptly, ensuring accountability in everything we do. Simplicity is the key to our efficiency, and we get things done quickly and effectively while being guided by facts and understanding.
At the heart of our pursuits lies a Lasting Impact. We prioritize the needs of our customers, and we are crystal clear about the problems we are solving for them. Progress is our north star, and while we strive for excellence, we acknowledge that perfection is a journey, and we remain focused on delivering excellent products that make a tangible difference.
If you are a passionate and innovative individual who thrives in a collaborative environment, where courage is celebrated, and customer focus is paramount, we invite you to join our team. Together, we will shape the future with our unwavering commitment to excellence and the determination to make a lasting impact in the industry.
What you will do
As Head of Risk & Compliance, you will lead, own and be accountable for the end-to-end Risk Management Framework and its effective implementation across business and in accordance with the Board and regulatory requirements.
You will have business reporting line to the Amplify Health Chief Financial & Operating Officer with functional reporting to AIA.
How you would make a difference
Risk Governance:
Design, implement and continuously enhance Amplify Health’s Risk Management Framework as well as lead and embed Risk Management Framework by working as a second line of defence, for all categories of risk, in all parts of the business.
Develop, maintain and utilise risk and compliance frameworks, policies, standards, and applicable laws to help guide decision making.
Define the risk appetite, risk tolerance which allows to achieve business outcomes.
Establish and assess the adequacy of internal risk controls and monitor that the Business is operating within limits and policies.
Strong Risk Culture:
Instil risk ownership amongst business leaders to promote proactive, positive, risk culture, which is embedded and aligned with the business, and contributes to protecting company’s reputation and assets
Develop and implement ongoing communication and training to embed a strong culture of risk, compliance and ethics.
Risk Management:
Provide quality advice, insight and support to CEO and the Leadership Teams on new initiatives, key projects from compliance, regulatory and risk perspectives. This includes, but is not limited to, providing security and control review on major technology initiatives to ensure that the security standards and requirement are met, and risk mitigation are appropriately implemented
Identify and proactively manage the key risks, with the corresponding controls embedded in the respective policies & standards. Work with business functions on risk treatment plans and monitor execution status.
Embed technology risk framework and processes for governance, risk and control, and help establish a forward looking / proactive view on emerging technology risks and opportunities.
Perform ongoing monitoring of regulatory developments, with a focus on those related to data privacy, protection and security, and provide feedback to functional owners as and when appropriate to address the relevant regulatory requirements.
Annual risk & controls assessment reviewing Amplify Health’s key risks and controls within the business and their operating effectiveness.
Risk Disclosure:
Effective communication of risk and compliance matters including timely, complete and accurate reporting and/or escalation in accordance with relevant protocols, including regular reporting to board and relevant management committees
Oversee and manage the relationship with regulatory authorities and any other relevant external parties.
What you need to be successful
· At least 15 years of relevant work experience in Operational Risk, preferably in Technology Risk Management area
· Deep and broad technology understanding on emerging and current standards and best practices regarding security and technology platforms.
· In depth understanding of enterprise technologies (Cloud, DevOps etc.).
· Strong knowledge of Technology Risk Standards and Industry Standards frameworks as well as relevant of regulatory requirements.
· Experience in design and implementation of enterprise policy frameworks including policy / technical writing expertise an advantage.
· Relevant hands-on data analytics expertise leveraging common tools and platform allowing the deep analysis and proactive identification of emerging risk and control issues an advantage.
· Knowledge of relevant programming languages / tool sets such as Python, PowerBI, PowerApps, Office 365 etc an advantage.
· Knowledge in data privacy, data management regulations, laws and rules in Singapore and the region an advantage
· Experience in a startup an advantage.
· Broad business experience and acumen with deep understanding of operational processes, business complexities and interdependencies.
· Extensive stakeholder management experience, people leadership experience.
· Understanding of the regulatory environment as well as key legislation impacting on business activities.
· Relevant certifications an advantage, i.e. Certified in the Governance of Enterprise IT (CGEIT), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC).
