Requirements
- Bachelor's degree in Computer Science, Risk Management, Information Security, or a related field.
- Able to speak English.
- More than 3 years of experience in risk management, vendor management, or a related role.
- Strong understanding of risk assessment methodologies and third-party risk management best practices.
- Familiarity with regulatory requirements and industry standards such as ISO 27001, NIST, GDPR, etc.
- Excellent analytical, communication, and interpersonal skills.
- Ability to work collaboratively with cross-functional teams and manage multiple tasks simultaneously.
- Proficiency in GRC software and tools is a plus.
- 3-5+ years of experience in cybersecurity risk assessments, vendor risk management, or IT security audits.
- Strong understanding of security frameworks (e.g., NIST CSF, ISO 27001, SOC 2)
- Experience with vendor risk management platforms (e.g., CyberGRX, OneTrust, BitSight, SecurityScorecard).
- Familiarity with cloud security (AWS, Azure, Google Cloud) and SaaS security evaluations.
- Knowledge of regulatory compliance standards (GDPR, CCPA, HIPAA, PCI-DSS, etc.)
- Security certifications (e.g., CISA, CRISC, CISSP, CISM).
- Experience with AI-driven security tools for third-party risk assessment.
Responsibilities
- Perform due diligence on prospective and existing vendors, including reviewing security controls and compliance with regulatory standards.
- Ensure that all vendors meet the organization's security requirements before engagement.

Vendor Monitoring:
- Continuously monitor third-party vendors for changes in risk profiles, compliance status, and performance.
- Maintain a vendor risk dashboard to track key metrics and provide regular updates to management.

Issues Management:
- Identify, document, and prioritize findings from risk assessments and vendor evaluations.
- Develop and track remediation plans for identified findings or issues, ensuring timely resolution and mitigation of risks.
- Communicate issues and remediation status to relevant stakeholders and ensure follow-up actions are completed.

Collaboration and Communication:
- Collaborate with internal departments such as DPO, Tech team, legal, procurement, and compliance to integrate third-party risk management practices into business processes.
- Communicate risk assessment findings and recommendations to stakeholders, ensuring transparency and informed decision-making.

Policy and Procedure Development:
- Assist in the development and implementation of third-party risk management policies, procedures, and frameworks.
- Ensure that all processes align with industry best practices and regulatory requirements.

Training and Awareness:
- Conduct training sessions and workshops to raise awareness of third-party risk management practices among internal teams.
- Provide guidance and support to business units on managing vendor risks effectively.

Gen AI capabilities:
- The Third Party Risk Analyst should grasp AI fundamentals, recognize the evolving landscape of LLMs (Large Language Models) and their practical applications, and integrate this awareness to anticipate vendor alignment while critically assessing risks.

Benefits
- 5 days working
- EPF & SOCSO
- Medical leave
- Annual leave
- Rest & relax area

Additional Benefits
- Annual Leave
- Medical and Hospitalisation Leave
- EPF / SOCSO / PCB
- Medical Insurance
- 5 Working Days
- Flexible Working Hours

Skills
- Risk Management
- Data Analysis
- Financial Modeling
- Compliance
- Problem Solving
- Reporting
- Communication