IT Security & Compliance Senior Executive

BANDAR UTAMA CITY CENTRE SDN BHD

Petaling Jaya

On-site

MYR 200,000 - 250,000

Full time

Yesterday

Job summary

A leading retail complex in Petaling Jaya is seeking an IT Security & Compliance Senior Executive. The role involves ensuring compliance with internal policies and regulations, overseeing IT security governance, and managing risk assessment practices. Candidates should have a Bachelor's degree in Information Technology and relevant certifications, alongside 3-5 years of experience in IT compliance and security. This full-time position is based at 1Utama Shopping Centre and may require occasional extended hours during audits and incidents.

Qualifications

  • 3-5 years of experience in IT compliance, IT security, or risk management.
  • Strong understanding of BNM regulatory requirements for E-Money Issuers.
  • Knowledge of IT security domains including access control and incident response.

Responsibilities

  • Implement and maintain IT compliance and information security policies.
  • Identify and manage IT security risks, including vulnerability management.
  • Prepare audit evidence and compliance documentation for regulators.

Skills

Information Technology
Information Security
Analytical skills
Communication skills
Risk Management

Education

Bachelor’s degree in Information Technology or related field
CISA, CISM, CRISC, ISO 27001 certifications

Job description

Job Title: IT Security & Compliance Senior Executive
Location: 1Utama Shopping Centre (IT Department)
Reports to: Head of IT

Job Summary

The IT Compliance & Security Officer is responsible for ensuring that the IT Department operates in full compliance with internal policies and regulatory requirements imposed by Bank Negara Malaysia (BNM), particularly for E-Money Issuers (EMI).
This role also oversees IT security governance, ensuring that appropriate information security controls, risk management practices, and incident response measures are implemented and maintained to protect critical systems, data, and digital payment platforms.

Key Responsibilities
  1. Policy Implementation, Compliance & Governance
    • Assist in the development, implementation, and maintenance of IT compliance and information security policies in line with BNM EMI requirements, industry standards, and internal governance.
    • Ensure IT and security policies are consistently enforced across systems, applications, infrastructure, and service providers.
    • Monitor, assess, and report compliance with internal policies, BNM regulations, and security control requirements.
  2. IT Security & Risk Management
    • Identify, assess, and manage IT and information security risks, including cybersecurity, data protection, access control, and system availability risks.
    • Ensure the implementation of appropriate security controls, including segregation of environments, access management, logging, monitoring, and vulnerability management.
    • Coordinate regular IT security risk assessments, compliance reviews, and internal audits.
  3. Regulatory & Audit Support
    • Act as the IT compliance and security focal point for regulatory audits, internal audits, and third-party reviews.
    • Prepare audit evidence, compliance documentation, and security control reports for management and regulators.
    • Track audit findings, remediation actions, and closure status.
  4. Documentation & Reporting
    • Maintain accurate and up-to-date documentation related to IT compliance, security policies, procedures, risk assessments, and incident records.
    • Prepare regular compliance and security posture reports for the Head of IT and senior management.
    • Document and escalate any compliance breaches, security incidents, or control weaknesses.
  5. Incident Response & Security Management
    • Support the investigation and management of IT security incidents, compliance breaches, and system vulnerabilities.
    • Ensure incidents are handled in accordance with approved incident response and escalation procedures.
    • Coordinate corrective and preventive action plans to address root causes and prevent recurrence.
    • Develop and conduct IT compliance and information security awareness programs for IT staff and relevant stakeholders.
    • Promote a strong security and compliance culture across the organization, including third-party service providers where applicable.
    • Support compliance and security assessments of IT vendors, service providers, and outsourced systems handling critical or regulated data.
    • Ensure third-party IT services comply with BNM requirements, contractual obligations, and internal security standards.
  6. Continuous Improvement & Regulatory Updates
    • Stay updated on changes to BNM regulations, cybersecurity threats, and industry best practices.
    • Recommend and implement enhancements to IT compliance, security controls, and governance frameworks.

Qualifications
  • Bachelor’s degree in Information Technology, Computer Science, Information Security, or a related field.
  • Professional certifications such as CISA, CISM, CRISC, ISO 27001, or equivalent are an advantage.
  • Minimum 3–5 years of experience in IT compliance, IT security, risk management, or related roles.
  • Strong understanding of BNM regulatory requirements, particularly for E-Money Issuers.
  • Knowledge of IT security domains including access control, network security, system hardening, incident response, and vendor risk management.
  • Strong analytical, documentation, and problem-solving skills.
  • Effective communication skills with the ability to engage technical teams, management, and external auditors.
  • Ability to work independently and collaboratively in a regulated environment.

Commensurate with experience and qualifications.

Working Conditions
  • Full-time position based at 1Utama Shopping Centre.
  • Occasional extended hours may be required during audits, security incidents, or regulatory deadlines.