Senior Risk Officer

Purpose of the Role

The Risk Officer is responsible for establishing and leading the enterprise-wide Risk Management Function, ensuring a robust risk governance framework that proactively identifies, assesses, mitigates, and monitors risks. The RO functions independently of the technology division and acts as the second line of defense , safeguarding the companys operational, financial, technological, legal, and reputational integrity.

Key Responsibilities

• Develop, implement, and maintain the Risk Control Framework, aligned with strategic goals and regulatory requirements.
• Define and regularly review the Risk Appetite Statement (RAS) and ensure alignment across verticals.
• Lead the formulation, rollout, and monitoring of risk-related policies, procedures, and controls.
• Oversee Risk and Control Self-Assessments (RCSA) and ensure timely mitigation of residual risks.
• Conduct enterprise-wide risk audits and control reviews to validate adherence to framework and policies.
• Track regulatory circulars, policy changes, and licensing requirements (RBI, SEBI, FIU, etc.), ensuring company-wide compliance.
• Lead the incident management process for fraud, operational breakdowns, cyber threats, and compliance violations.
• Oversee third-party risk, including vendor onboarding, SLA adherence, and periodic risk reassessment.
• Coordinate with Legal & Compliance to assess and manage contractual and legal risks.
• Advise product, strategy, and operational teams on emerging risks and ensure risk-informed decision-making.
• Present risk dashboards, breach alerts, and KRI updates to the Risk Management Committee and the Board.
• Promote a risk-aware culture across all departments, embedding risk ownership into daily operations.

Required Qualifications & Experience

• 7+ years of relevant experience in enterprise risk management, preferably in fintech, banking, or regulated financial services.
• Strong knowledge of RBI, SEBI, FIU-IND, and data protection regulations.
• Demonstrated experience in leading RCSA, fraud risk programs, regulatory compliance, and vendor risk assessments.
• Familiarity with frameworks such as ISO , and control standards SOC 2, PCI-DSS.
• Prior experience interacting with senior regulatory officials or serving on Risk Committees is preferred.
• CA, MBA (Finance), FRM, or equivalent risk certifications are a plus.