Job Description

Salary MYR96,000 - MYR120,000 per annum + Market Aligned

Location Kuala Lumpur FULL_TIME

Consultant Pearly Toh

Job Ref 1902830/001

Date posted 13 February 2023 kuala-lumpur tech-transformation/it-security 2023-02-13 2023-04-14 real-estate-and-property Kuala Lumpur MY MYR 96000 120000 120000 YEAR Robert Walters https://www.robertwalters.com.my https://www.robertwalters.com.my/content/dam/robert-walters/global/images/logos/web-logos/square-logo.png true

An exciting Manager, IT GRC job has just become available at one of the top property developers in Malaysia.

About the Manager, IT GRC Role:
As part of the expanding business, you will be ensuring the information security and technology risk governance within the business is operating effectively and provide assurance that the risk is appropriately managed.

Key Responsibilities:

• Ensure technology governance processes are properly designed, functioning effectively, and maintain its compliance with ISO27001, PCIDSS, and Bank Negara Malaysia (BNM)\'s RMIT requirements
• Review, test and attest to information security policies, documentations, and control libraries. Validate security baseline configurations of systems and infrastructure. Evaluate performance of information and cybersecurity management by assessing effectiveness of the controls implemented
• Act as lead contact for internal and external audits relates to technology governance. Oversee technology risk register and coordinate remediation activities
• Assist in development, maintenance and implementation of technology controls and processes to streamline IT compliance and continuous improvement activities
• Perform various types of security and risk assessments (IT control assessment, application security, maturity, compliance, and risk) for projects and third parties. Track and monitor risk exceptions to ensure control deviations are identified and mitigating controls are in place
• Manage ongoing assessment actives, including, but not limited to, external penetration testing by third parties and external risk assessment
• Manage the Cybersecurity Awareness Programmes which may include, but is not limited to, annual employee training, ongoing awareness campaigns and phishing exercises
• Ensure incidents and vulnerabilities are escalated and resolved in a timely manner. Assist in performing security risk assessments and produce recommendation for risk mitigations
• Be responsible for user access provisioning compliance which includes access rights, user roles or profiles, authorising and approving authorities, and periodic review of user access matrix
• Ensure access controls to enterprise-wide systems are effectively managed and monitored. Ensure activity logs are maintained and available for audit and investigations

The successful Manager, IT GRC is a high-potential and motivated individual who goes the extra mile to make a difference while working closely with the business.

Key Requirements:

• A recognised university degree in technology, engineering, or business studies with information systems major/minor from an accredited college/university along with deep interest in technology risk, security and IT governance will be considered
• Professional qualifications preferred (e.g. CISSP, CRISC, CISA, CISM, CGEIT, PMP, ISO 27001 Lead Auditor/Implementer or other relevant qualifications)
• More than five years of relevant experience in technology audit, risk management, regulatory compliance
• Experience working in a Big Four is an advantage
• Excellent written and verbal communication skills in English
• Able to document technical information for executive level reporting and presentations
• Strong interpersonal skills with a demonstrated ability to gain the confidence and respect of senior level executives
• Strong client services orientation and accustomed to taking an active role in executing client engagements
• Strong analytical and management skills
• Strong technical knowledge in operating systems, networking, applications, and a good understanding of security issues
• Independent, self-motivated, organised, and results-oriented individual capable of handling multiple tasks and achieving tight deadlines
• A client-centric mindset with an understanding of IT within a business context is desirable.

This renowned property developer has an outstanding reputation in its field and great value is placed on training and development. The scope of the offer, the size of business, the freedom and autonomy to drive your career forward all add up to a great place to work.

If you have what it takes, is passionate and want to elevate yourself into senior management, this is an excellent opportunity to work with an industry leader that is constantly breaking new ground. Great career opportunities await the right person in this exciting Manager, IT GRC role.

Apply today or email me at pearly.toh@robertwalters.com.my to discuss this new opportunity.

Robert Walters