Security Engineer - GRC
Indexed description
Role & Responsibilities:
Technology and Cybersecurity Risk Governance
- Assist in maintaining the technology risk governance framework and supporting the achievement of relevant certifications.
- Support compliance activities with Bank Negara Malaysia’s RMiT policy and other regulatory requirements.
- Contribute to the development and review of IT and Cybersecurity Risk Appetite statements and governance strategies.
- Provide governance and controls oversight for technology and cybersecurity issues and risks.
- Support the coordination of the Information Security Working Committee and related governance forums.
Technology and Cybersecurity Risk Management
- Lead and execute periodic control assessments and risk assessments, ensuring comprehensive coverage of all critical technology and cybersecurity domains.
- Document, track, and report on risk assessment findings, ensuring clear communication of risk exposure and recommended actions to relevant stakeholders.
- Act as the primary risk manager for open risk issues, ensuring all risk commitments are tracked, escalated where necessary, and remediated in a timely and effective manner by risk owners.
- Prepare and report key risk metrics for management review.
- Provide control assurance support, including facilitation of risk assessments, deviations, and mitigation plans.
- Assist with internal and external audits, including coordination of control assessments and regulatory compliance.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search