Lead & Technology Risk & Data Governance

We are seeking a proactive and driven professional to join our team as a Technology & Cyber Risk Specialist. In this role, you will play a key part in safeguarding our technology landscape by implementing and maintaining robust IT, cyber risk, and data governance frameworks. You will help shape how we manage risk and data across the organization, ensuring we remain resilient, compliant, and ahead of the curve in today’s dynamic environment.

• Develop & Maintain Frameworks – Assist in reviewing, enhancing, and implementing frameworks, policies, methodologies, and tools related to Technology Risk, Project Risk, Data Governance, and Information Classification & Handling.
• Provide Risk Advisory – Actively contribute to key committees including the Cyber Emergency Response Team (CERT) and IT Architecture Review Committee (ARC).
• Lead Risk Assessments – Conduct independent assessments on technology risks, including those related to IT projects, and maintain a comprehensive technology risk register.
• Raise Awareness – Develop risk awareness programs and training to cultivate a strong risk-aware culture across the organization.
• Data Governance Leadership – Oversee enterprise-level data governance practices, monitor data breaches via DLP tools, and promote best practices in data management.
• Report & Communicate – Provide regular analysis on cybersecurity threats to Management and the Board, ensuring leadership is equipped with the right insights to make informed decisions.
• Secretariat to Committee – Assist Head of Operational & Technology Risk in coordinating and capturing key deliberations and decisions by Management in the committee meetings related to Operational & Technology Risk areas.

• A recognized degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Professional certifications (advantageous): CRISC, CISA, CISSP, or CISM.
• Minimum of 5 years’ experience in IT Risk, IT Security, or related fields.
• Solid knowledge of IT risk management frameworks such as NIST Cybersecurity Framework, COBIT, and relevant regulatory guidelines (e.g., BNM RMiT, SC Guidelines).
• Strong business-oriented mindset with an understanding of how technology risks impact organizational objectives.
• Broad knowledge of IT systems, cybersecurity concepts, and emerging threat landscapes.
• Detail-oriented yet able to maintain a strategic view.
• Strong analytical skills in gathering, interpreting, and presenting data.
• Excellent communication skills—both written and verbal—with the ability to convey technical risks to non-technical stakeholders.
• Collaborative, proactive, and able to work in a fast-paced environment with minimal supervision.

Please note that only shortlisted candidates will be contacted for further steps in the selection process.

Perks and benefits: Medical education support, insurance, wellness scheme (holiday scheme, dental).