Epicareer Might not Working Properly
Learn More

IT Risk & Compliance

Salary undisclosed

Apply on


Original
Simplified

Position: IT Risk & Compliance Lead/Associate

Location: TRX

Type: Permanent

Mode: Onsite

ACCOUNTABILITIES AND RESPONSIBILITIES

1. Collect information and review documentation to ensure that risk scenarios are identified and evaluated.

2. Identify legal, regulatory and contractual requirements and organizational policies and standards related to information systems to determine their potential impact on the business objectives.

3. Perform monthly/quarterly submissions and annual review on Bank/BNM Key Risk Indicators (KRI), Risk Control Self Assessments (RCSA), Compliance Self Assessment Review (CSAR), Compliance Matrix (CMAX), Cyber Resilience Maturity Assessment (CRMA) and Management of Customer Information and Permitted Disclosures (MCIPD).

4. Coordinate submissions on Technology Risk Dashboard on monthly basis to Technology Risk Management team and send all Risk & Compliance communications to Technology Staff on adhoc basis.

5. Collect and validate data that measure key risk indicators (KRIs) to monitor and communicate their status to relevant stakeholders in their decision-making process.

6. Facilitate independent risk assessments and risk management process reviews to ensure they are performed efficiently and effectively.

7. Review all the Department's documentations related to Risk and Compliance prior to submission to BRCM (for e.g. Master Service Agreement/ renewal Agreement/ Letter to BNM/ Guidelines and Procedures/ Due Diligence Checklist/ Cloud Risk Assessment/ Material Risk Assessments etc) and provide advisories to IT Project Managers.

8. Timely reporting/escalation of any compliance issue/breaches to respective BRCM and submission of Lost Event Report via GCM System for IT related Priority 1 & 2 incidents.

9. Close monitoring of submission of Compliance documents reviews, surveys for BNM and PayNet queries/updates and BNM Reviews to ensure that they are done within agreed timeline.

10. Any special assignment to undertake special/ad-hoc assignments as and when directed by Head, Governance Risk & Compliance (GRC).

REQUIRED QUALIFICATIONS & PROFESSIONAL SKILLS

Qualifications:

• Bachelor's degree in Business, IT, Risk Management, or a related field or relevant certifications (e.g., CISA, CISSP, CRISC) is a plus.

• More than 5 years of relevant experience in risk and compliance

• Proven experience in governance, risk management, or compliance roles, preferably in financial institutions

• Strong knowledge of regulatory frameworks, industry standards, and best practices related to GRC.

• Exceptional analytical skills and the ability to assess complex risks and provide practical solutions.

• Excellent communication and interpersonal skills to work effectively with cross-functional teams and external stakeholders.

• Detail-oriented with a commitment to maintaining the highest standards of integrity and ethics, strong organizational skills and the ability to prioritize and manage multiple tasks efficiently

Similar Jobs

1d ago

IT Officer
HeveaBoard Berhad

Full Time, onsite, onsite

Salary undisclosed

1d ago

Solution Architect
It Business Solutions Sdn Bhd

Full Time, onsite, onsite

RM 21,000 / month

1d ago

Full Time, onsite, onsite

Salary undisclosed

1d ago

IT Project Manager
GRASP SOFTWARE SOLUTIONS SDN BHD
G

Full Time, onsite, onsite

RM 3,600 / month