(Assistant Manager / Manager)
Summary of key responsibilities:
The nature of Tranglo’s business relies heavily on technology which requires IT-related risks to be managed adequately to safeguard information. The holding company’s compliance team support the compliance monitoring and testing for the group and we are looking for a dedicated, passionate and highly driven individual to join our team to focus on ensuring the organization's technology infrastructure, data handling practices, and overall operations adhere to stringent regulatory requirements and industry standards
Role and responsibilities
- Evaluate the design and effectiveness of technology controls throughout business processes:
- Evaluate compliance with policies, procedures, regulations and guidelines issued by both management and regulatory authorities.
- Support execution of compliance assessments of IT processes against leading practices, frameworks and common standards (e.g. CoBIT, ITIL, ISO 27001/02).
- Conduct specific thematic reviews and technology compliance monitoring and testing which include the evaluation of systems security controls, user access reviews, network and system vulnerabilities/application/data centre assessments, business continuity testing, IT disaster recovery plans
- Reporting: Prepare detailed IT compliance reports for senior management and regulatory bodies, highlighting key findings and areas for improvement.
- Interdepartmental Collaboration: Work closely with IT and business teams to integrate compliance efforts across the organization.
- Point of Contact: Serve as the primary point of contact for IT compliance-related inquiries and issues.
- Regulatory Liaison: Act as a liaison with regulatory bodies, staying informed about changes in applicable IT related regulations and standards.
- Conduct ad-hoc tasks/activities to support the functions of the department as and when needed.
Qualifications and requirements
- At least 3-5 years of full-time work experience in information security management and/or related functions (such as IT audit and IT Risk Management).
- Understanding of business processes (e.g., Finance/Accounting, Procurement, Sales, etc.).
- Degree in Information Systems or Technology (IT), Computer Science or other related disciplines with relevant experience in managing cyber risk in financial market infrastructures.
- Knowledge of business and accounting information systems (Accounting, Billing, Payroll, ERP systems such as SAP, Oracle, etc.).
- Professional certification such as CISM, CISA, CSXP, CISSP, CREST, CDCP, GPEN or equivalent is desirable but not compulsory.
- Advanced Ms Office skills especially in Excel and PowerPoint.
- Excellent business writing and verbal communication skills in English.
- Experience in the financial industry is an added advantage.
- Malaysian only.