Overview

IT Governance Risk & Compliance Lead Jobs in Greater Kuala Lumpur at Boost

Title: IT Governance Risk & Compliance Lead

Company: Boost

Location: Greater Kuala Lumpur

About the job

Responsible for developing, implementing, and overseeing the Information Security Governance, Risk Management, and Compliance Programs within the organization. Ensure information security controls, including processes and solutions, are adequately defined and implemented in line with the latest business requirements and relevant regulatory requirements (i.e. BNM RMiT, BNM MCIPD, NIST, PCI DSS, Security Commissions Guidelines, ISO 27001 Standards).

Job Description:

Information Security Governance

Ensure information systems and processes comply with relevant security laws, regulations, and standards.

Monitor the information security compliance with transparent reporting provided to all relevant stakeholders at planned intervals.

Development of Policies and Procedures

Review and update security policies and procedures following the latest business and regulatory requirements at planned intervals.

Develop and roll out security policies, procedures, guidelines, or checklists to all business entities and users.

Information Security Risk Management

Identify, assess, and manage information security risks from time to time.

Develop risk mitigation strategies and action plans.

Monitor and track information security risks to closure.

Third-Party Security Assessment

Lead the execution of third-party security assessments for all third parties before onboarding, during engagement, and before service withdrawal.

Monitor and track third-party risks to closure.

Work together with relevant stakeholders to improve the third-party security assessment process.

Audits and Reviews

Be the SPOC for information security-related audits, assessments, and reviews.

Review evidence before audit submission or review.

Monitor and track audit findings to closure.

Training and Education

Train and educate users on security-related matters at planned intervals.

Soft Competencies

Establish good and effective cross-department working relationships with key reporting areas and build strong working relationships with external consultants, vendors, and regulators.

Provide advisory on policies, standards, and guidelines for IT-related internal controls and regulatory compliance.

Ensure effective IT governance, controls, and reporting through innovation, strategic planning, functional leadership, and operational oversight.

Results-driven person who is highly committed and independent with minimum supervision required.

Excellent verbal and written communication skills with the ability to address IT governance, information security, risk management, and compliance issues in both technical and non-technical terms.

Job Requirements:

A Bachelor’s Degree in Information Systems or other related disciplines from an accredited institution is required

Possess a good background in the financial services sector, financial transactional processes, technology systems, regulatory requirements, and internal controls (e.g. BNM RMiT, e-money guidelines, outsourcing guidelines, risk governance, business continuity management, data and MIS framework)

Familiar with NIST, ISO 27001, BNM RMiT, BNM MCIPD, PCI DSS, Security Commissions Guidelines

Experience in developing or implementing IT policies, standards, and procedures

Experience in identification, evaluation, management, and monitoring of risk

Experience in project coordination for IT projects.


About Boost