Deskripsi Pekerjaan
Are you a seasoned IT professional with a passion for governance, risk management, and cybersecurity? Mills Recruitment is proud to partner with a leading organization in Kuala Lumpur to find a highly skilled Senior Executive - IT Security, Risk & Compliance.
In this pivotal role, you will be the guardian of our client’s digital infrastructure. You will be responsible for defining, implementing, and monitoring IT security policies to ensure the organization remains resilient against evolving cyber threats while strictly adhering to regulatory compliance standards. The ideal candidate will bridge the gap between technical IT operations and executive-level risk oversight, ensuring that security initiatives align with broader business objectives.
This position offers an excellent opportunity to work within a dynamic environment, influencing high-level security strategies and working with cross-functional teams to foster a culture of data protection and operational excellence.
Tanggung Jawab
- Develop and maintain comprehensive IT security policies, standards, and procedures to protect corporate assets.
- Conduct regular IT risk assessments and security audits to identify vulnerabilities and recommend robust mitigation strategies.
- Ensure full compliance with local regulations (PDPA, BNM guidelines) and international cybersecurity standards (ISO 27001, NIST).
- Lead incident response activities and provide post-mortem analysis to prevent recurrence of security breaches.
- Collaborate with IT infrastructure and software development teams to integrate security best practices into the SDLC (DevSecOps).
- Monitor security infrastructure performance and manage third-party security vendors and service providers.
- Conduct internal training sessions to raise organizational awareness regarding data privacy and cybersecurity hygiene.
Kualifikasi
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
- Minimum of 4-6 years of experience in IT security, risk management, or information security compliance.
- Professional certifications such as CISSP, CISA, CISM, or CRISC are highly preferred.
- In-depth knowledge of cybersecurity frameworks (NIST, ISO 27001) and regulatory requirements (PDPA).
- Proven experience in performing security audits, vulnerability assessments, and managing risk registers.
- Strong analytical mindset with the ability to translate complex security risks into business-impacting insights.
- Excellent communication skills with the ability to influence stakeholders at various levels.