Tech Risk & Compliance Lead Specialist Tech Risk & Compliance Lead Specialist …

in Cyberjaya, Selangor, Malaysia
Permanent, Full time
Be the first to apply
in Cyberjaya, Selangor, Malaysia
Permanent, Full time
Be the first to apply
Tech Risk & Compliance Lead Specialist
Job Description

The role will be responsible to lead and review the effectiveness and adequacy of the Internal Control Framework, Technology Risk/Information Security, Compliance, BCMS and Governance for IT Operation.

Key Responsibilities
  • Coordinate compliance with Group IT Security policies and standards.
  • Perform and ensure the delivery of security risk assessments to identify comprehensive security risks and gaps.
  • Review technology related proposal requests to ensure that potential technology risks are properly managed.
  • Coordinate Third Party Security Assessments across all departments.
  • Advise departments on security related requirements, policies, standards and best practices.
  • Assist in the management of local security related issues such as non-compliance, data leakage, escalations etc.
  • Plan and deliver security training and awareness programs.
  • Ability to create and maintain internal control matrices to demonstrate compliance with various frameworks and requirements.
  • Designs IT/BCMS audit procedures to execute the annual audit plan, assess controls and meet audit objectives.
  • Make recommendations for improvement of control environment through audits or project participation.
  • Prepare and provide IT/BCMS reports, communications and presentations to management.

Job Requirements
  • Bachelor's degree in IT/Security or equivalent.
  • 5 years of InfoSec, Technology Risk work experience.
  • Experience performing IT risk assessments to identify risk and controls gaps.
  • Certifications/licenses - CISSP will be an added advantage.
  • Familiarity and understanding in any ISO audit frameworks will be an added advantage.
  • A self-starter with proactive attitude and the ability to work independently.
  • Strong verbal and written communication skills to effectively present audit findings and recommendations to auditees.

Job Segment: Risk Management, Compliance, Information Security, Finance, Legal, Technology