Enable job alerts via email!
IT Governance, Risk & Compliance Analyst
Petron Malaysia Refining & Marketing Bhd
Kuala Lumpur
On-site
MYR 40,000 - 80,000
Full time
Boost your interview chances
Create a job specific, tailored resume for higher success rate.
Job summary
An established industry player is seeking a dedicated Information Security Manager to oversee the governance, risk management, and compliance programs. This role involves leading the development of security policies, facilitating audits, and ensuring compliance with regulatory standards. The ideal candidate will have a strong background in information security, risk management, and a solid understanding of IT security technologies. Join a dynamic team focused on safeguarding information assets while promoting a culture of security awareness across the organization. If you are passionate about information security and ready to take on new challenges, this opportunity is perfect for you.
Qualifications
- 3-5 years of experience in information security roles.
- Proven ability in risk management and monitoring.
Responsibilities
- Lead and improve information security control policies and guidelines.
- Manage change management processes and guidelines.
- Oversee internal and external security audits.
Skills
Education
Tools
Job description
Responsible for developing, implementing, and managing the organization's Information Security Governance, Risk Management, and Compliance (GRC) programs. Ensure that information security controls, processes, and solutions are clearly defined and effectively implemented, aligning with current business needs and relevant regulatory standards, including NIST CSF, PCI DSS, BNM RMiT, and ISO/IEC 27001 Standards.
- Lead and improve information security control policies, procedures, and guidelines in line with regulatory, ISMS requirements, and industry best practices
- Facilitate periodic reviews of security policies and procedures
- Promote awareness through IT security bulletins on cybersecurity topics
- Provide training on governance, compliance, risk management, and security matters
- Develop and implement security policies for all business units
- Maintain the risk register within the GRC platform
- Manage change management processes and guidelines
- Lead internal and external security audits and compliance reviews
- Oversee technology change lifecycle and third-party security assessments
- Evaluate third-party risks, generate compliance reports, and support budget planning
- Bachelor’s Degree or Diploma in Computing, Information Technology, or Computer Security
- 3-5 years of experience in a similar role
- ISO27001:2013/2022 certification
- Knowledge of ISMS framework, compliance, and risk assessment
- Understanding of IT security technologies and controls
- Familiarity with NIST, ISO 27001, PCI DSS standards
- Experience in developing IT policies and procedures
- Proven ability in risk management and monitoring
- Experience with IT project coordination
- Ability to investigate security incidents and document findings
- Strong communication skills
- Effective time management skills
Thank you for your interest in joining Petron Malaysia. We look forward to your application. Please note that only shortlisted candidates will be contacted.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
