IT Security Governance and Risk Management Analyst

EPF Malaysia

Petaling Jaya

On-site

MYR 100,000 - 150,000

Full time

19 days ago

Job summary

EPF Malaysia seeks a Cybersecurity Advisor to strengthen governance through risk assessments and advisory services. The role includes ensuring security alignment for business initiatives, coordinating with teams, and developing IT security frameworks. Ideal candidates will have at least 4-7 years of relevant experience and a degree in related fields.

Qualifications

  • Malaysian citizen with SPM Malay Language proficiency.
  • 4-7 years' experience in IT security, risk management, or cybersecurity advisory roles.
  • Certifications like CISM, CISSP, or CRISC are desirable.

Responsibilities

  • Provide IT security advisory for business initiatives and systems implementations.
  • Review IT change requests and recommend mitigation strategies for security risks.
  • Monitor the implementation of risk mitigation plans and follow up with departments.

Skills

Analytical thinking
Communication
Stakeholder engagement

Education

Bachelor's Degree in Computer Science/Information Technology/Cybersecurity

Job description

JOB SUMMARY

  • This position will be reporting to the Head of Security Governance & Risk Management Section and will function under the Advisory & Governance Unit.
  • Support and strengthen cybersecurity governance through comprehensive risk assessments, in-depth advisory services, and proactive engagement with key stakeholders to ensure compliance with internal policies and regulatory standards.

JOB RESPONSIBILITIES

  • Provide IT security advisory for business initiatives, systems implementations, and operational processes to ensure alignment with security policies and risk appetite.
  • Review and assess IT change requests, vendor solutions, technology initiatives and third-party controls for security risks and recommend mitigation strategies.
  • Support the execution of, and analyse, cybersecurity simulation exercises (e.g., phishing, smishing) to test and enhance organizational readiness.
  • Monitor the implementation of risk mitigation plans and follow up with relevant departments to ensure timely closure of issues.
  • Participate in governance forums on matters relating to IT risk and security governance.
  • Prepare reports, presentations, and dashboards on cybersecurity risk posture, incidents, and remediation progress for internal stakeholders and management.
  • Contribute to the development and refinement of IT security governance frameworks, policies, and procedures.
  • Ensure the security assessment exercise is conducted and remediated in a timely manner.

JOB REQUIREMENTS

  • Malaysian citizen.
  • Pass in Malay Language, including the oral test, at Sijil Pelajaran Malaysia (SPM) level.
  • Possess a Bachelor's Degree in Computer Science/Information Technology, Cybersecurity or equivalent qualification from accredited higher learning institutions.
  • Minimum 4 – 7 years of experience in IT security, risk management, or cybersecurity advisory roles.
  • Strong understanding of information security principles, risk assessment methodologies, and regulatory frameworks (e.g., ISO 27001, NIST, CIS).
  • Excellent analytical thinking, communication, and stakeholder engagement skills.
  • Experience coordinating with cross-functional teams on security governance and compliance efforts.
  • Professional certifications such as CISM, CISSP, CRISC, or equivalent are highly desirable.

JOB STATUS

Permanent

All applications are strictly CONFIDENTIAL and only shortlisted candidates will be called in for interview. Applications are deemed UNSUCCESSFUL if there is no feedback from the EPF 2 MONTHS after the closing date of the advertisement.
