Talent.com
IT Security Governance and Risk Management Senior Analyst

EPF Malaysia, Kota Damansara, Selangor, Malaysia
12 hours ago
Job description

JOB SUMMARY

  • This position will be reporting to the Head of Security Governance & Risk Management Section and will function under the Advisory & Governance Unit.
  • Support and strengthen cybersecurity governance through comprehensive risk assessments, in-depth advisory services, and proactive engagement with key stakeholders to ensure compliance with internal policies and regulatory standards.

JOB RESPONSIBILITIES

  • Provide expert-level IT security advisory for business initiatives, systems implementations, and operational processes to ensure alignment with security policies and risk appetite.
  • Review and assess IT change requests, vendor solutions, technology initiatives and third-party controls for security risks and recommend mitigation strategies.
  • Lead the planning, execution, and analysis of cybersecurity simulation exercises (e.g., phishing, smishing) to test and enhance organizational readiness.
  • Monitor the implementation of risk mitigation plans and follow up with relevant departments to ensure timely closure of issues.
  • Participate in governance forums and act as a liaison to internal committees (e.g., Risk Management Department, Data Governance Office, etc.) on matters relating to IT risk and security governance.
  • Prepare reports, presentations, and dashboards on cybersecurity risk posture, incidents, and remediation progress for internal stakeholders and management.
  • Contribute to the development and refinement of IT security governance frameworks, policies, and procedures.
  • Mentor and support junior analysts in risk assessment and advisory functions.

JOB REQUIREMENTS

  • Malaysian citizen.
  • Pass Malay Language including oral test at Sijil Pelajaran Malaysia (SPM) level.
  • Possess a Bachelor's Degree in Computer Science / Information Technology, Cybersecurity or equivalent qualification from accredited higher learning institutions.
  • Minimum 6–9 years of experience in IT security, risk management, or cybersecurity advisory roles.
  • Strong understanding of information security principles, risk assessment methodologies, and regulatory frameworks (e.g., ISO 27001, NIST, CIS).
  • Excellent analytical thinking, communication, and stakeholder engagement skills.
  • Experience coordinating with cross-functional teams on security governance and compliance efforts.
  • Professional certifications such as CISM, CISSP, CRISC, or equivalent are highly desirable.

JOB STATUS

  • Permanent

All applications are strictly CONFIDENTIAL and only shortlisted candidates will be called in for interview. Applications are deemed UNSUCCESSFUL if there is no feedback from the EPF 2 MONTHS after the closing date of advertisement.