
A leading executive search firm in Malaysia is seeking a Technology Risk Guardian to ensure proactive identification and management of technology risks. The ideal candidate will have over 8 years of experience in technology risk or IT audit, with strong communication and stakeholder management abilities. This role is crucial for supporting business objectives while safeguarding information assets and compliance with regulatory standards.
To serve as the independent technology risk guardian for the business, ensuring that technology and information security risks are proactively identified, assessed, and managed within the business's risk appetite. This role is critical for building a resilient technology environment that supports business objectives while safeguarding the organization's assets and reputation.
Act as an independent second line of defense, providing robust oversight and constructive challenge to technology and security initiatives across the business.
Review and challenge the technology risk-taking activities of IT, security, and business-led technology projects.
Ensure technology risks are properly evaluated before key decisions are made.
Implement and maintain the Group's technology risk management framework within the business, ensuring it is fit-for-purpose.
Develop and monitor key risk indicators (KRIs) and control metrics to provide a clear view of the technology risk posture.
Facilitate risk and control self‑assessments (RCSAs) and manage the technology risk register.
Serve as a trusted advisor to business leaders, translating complex technology risks into actionable business insights.
Provide pragmatic risk guidance on new technologies, major projects, and third‑party engagements.
Bridge the communication gap between technical teams, business leaders, and senior risk committees.
Ensure compliance with internal technology policies and standards and with relevant external regulations (e.g., SOX, GDPR, NYDFS).
Prepare and deliver clear, concise, and impactful reports on the health of technology risk management to both business leadership and Group-level risk committees.
Bachelor’s degree in Information Technology, Computer Science, or a related field.
Professional certifications such as CRISC, CISA, CISM, CISSP, or CCSP.
Minimum of 8‑10 years of progressive experience in technology risk, IT audit, or information security, with at least 3 years in a senior or leadership capacity.
Proven experience in developing and implementing risk management frameworks.
Deep understanding of IT governance, infrastructure, application security, and project delivery lifecycle.
Exceptional communication and stakeholder management skills, with the ability to articulate risk concepts to both technical and non‑technical audiences.