Head of Internal Audit and Risk

Role Summary:

This role leads the Internal Audit and Enterprise Risk Management (ERM) functions for a newly listed healthcare technology group. Reporting directly to the C-suite, the Head will be responsible for implementing and enhancing the existing audit and risk frameworks, strengthening governance practices, and driving a risk-aware culture across the organisation.

Key Responsibilities:

• Lead the development and execution of the Annual Internal Audit Plan, aligned with organisational priorities and risk exposure
• Oversee and perform end-to-end audit engagements, ensuring quality, timeliness, and adherence to professional standards
• Evaluate the effectiveness of internal controls, identifying:
• Control gaps
• Regulatory non-compliance
• Operational inefficiencies
• Review and approve audit reports, ensuring clear, actionable insights for Management and the Board
• Drive the Enterprise Risk Management (ERM) framework across all departments and subsidiaries
• Oversee the Enterprise Risk Register, including risk identification, assessment, mitigation, and monitoring
• Facilitate risk workshops and engagements with key stakeholders to identify emerging risks and define risk indicators
• Prepare and present quarterly audit and risk reports to:
• Senior Management
• Audit & Risk Management Committee
• Board of Directors
• Ensure compliance with relevant regulatory requirements, financial reporting standards (e.g., MFRS), and internal policies
• Promote a strong risk-aware and control-conscious culture across the organisation
• Lead, mentor, and develop a lean audit and risk team

Qualifications & Experience:

• Bachelor's Degree in Accounting, Finance, Business, or related field
• Minimum 7–10 years of experience in:
• Internal Audit
• Risk Management
• Governance / Compliance
• Experience in a public-listed company or exposure to IPO environments is highly preferred
• Professional certifications:
• CIA (Certified Internal Auditor) strongly preferred
• ACCA, CPA, or equivalent are advantageous
• Working knowledge of MFRS and corporate governance practices
• Familiarity with frameworks such as ERM and internal control standards

Preferred Skills

• Ability to operate both strategically and hands-on in a lean team structure
• Strong stakeholder management skills with experience engaging C-suite and Board-level stakeholders
• Proven track record in implementing or enhancing audit/risk frameworks
• Strong analytical thinking and sound judgment in risk assessment
• Excellent communication and report-writing skills (English & Bahasa Malaysia)
• High level of integrity, independence, and professionalism