Job
Description
The Risk and Compliance Manager at Ollion plays a critical role in safeguarding our organization s integrity and operational excellence. This role is responsible for identifying, assessing, and mitigating organizational risks while ensuring strict adherence to legal, regulatory, and internal policies across Ollion s global operations. While the role will bring deep expertise in APAC regulatory environments, it will also help shape, lead, and evolve global compliance strategies, audits, and risk policies in partnership with stakeholders globally. Expertise you bring 5+ years in risk management, compliance, or a related role, with demonstrated knowledge of APAC regulatory environments and experience applying compliance strategies globally. Strong understanding of diverse and evolving APAC regulations (including data privacy laws like PIPL, PDPA, DPDP; financial services compliance; anti-bribery and corruption laws) alongside global standards (e.g., GDPR, SOC, ISO, HIPAA, PCI DSS) Expertise in risk assessment methodologies (e.g., ISO 31000, NIST) with practical application in identifying and mitigating risks across global markets, with particular knowledge of APAC-specific considerations (e.g., cybersecurity threats, third-party risks, geopolitical factors). Excellent communication, analytical, and project management skills, adept at navigating cross-cultural communication nuances across APAC. Certified Information Systems Security Professional (CISSP), PMP, ITIL, or relevant APAC-focused compliance certifications (e.g., ISO 37001, CIPP/A) are a plus Ability to work collaboratively across global and diverse APAC teams, influencing stakeholders effectively to foster a strong compliance culture and drive necessary changes to enhance risk mitigation strategies. Experience utilizing Governance, Risk, and Compliance (GRC) technology solutions to manage compliance processes and data would be nice to have. Job Requirements Develop, implement, and maintain risk management and compliance policies and procedures aligned with international standards and diverse regional regulations, with particular attention to the APAC region. Conduct risk assessments identify, evaluate, and prioritize risks specific to APAC markets (including regulatory, financial crime, cybersecurity, and geopolitical risks), and implement appropriate mitigation strategies Monitor the evolving regulatory landscape across multiple APAC jurisdictions, analyzing the impact of new laws and updates on business operations. Manage internal and external audits, from planning through execution, including formulating responses and tracking and corrective actions Oversee and manage cross-border compliance challenges and data flow requirements within the APAC region. Monitor organizational activities for compliance with internal policies and external regulations, and prepare reports for internal management, boards, and external stakeholders, such regulatory bodies, as necessary) Design and deliver effective training and awareness programs on compliance, risk, and ethics, tailoring content to resonate with diverse cultures across APAC and promote a culture of integrity and accountability Investigate and respond to compliance incidents, breaches, and allegations of misconduct, ensuring appropriate follow-up, remedial action, and thorough documentation Provide timely, expert advice to business units on the interpreting and applying of compliance requirements and risk management strategies in their daily operations. Engage with relevant regulatory authorities and government bodies in our key APAC markets to monitor legal and regulatory expectations, relay them to internal stakeholders, and ensure the company responds effectively. Oversee third-party risk management for the APAC region, including monitoring and due diligence of vendors and partners. Establish and maintain key risk indicators (KRIs) and performance metrics for effectively monitoring shifts in the compliance landscape and assessing the success of mitigation efforts, regularly reporting insights to leadership. Continuously enhance the risk and compliance program by incorporating insights from risk assessments, audits, industry best practices, and regulatory developments.
