Manager, Technology Risk | Risk Specialist and Technology Supervision (RSTS)

Add expected salary to your profile for insights

Provide leadership in macro surveillance and/or risk quantification to identify, assess, and mitigate emerging technology risks, thereby strengthening financial sector resilience and promoting public confidence. Contribute to the capacity building of IT and prudential supervisors to strengthen technology risk management.

The role leads the development and governance of (but not limited to):

(a) Macro surveillance: Conduct horizontal surveillance of emerging technology risks by developing strategy to identify the risks via onsite and offsite surveillance. Oversee research and development in best practices in technology risk management to facilitate development of prudential standards for the financial sector.

(b) Risk quantification: Provide technical expertise in risk quantification analysis to promote the development of sound technology risk management in the financial industry for financial stability and public confidence.

PRINCIPAL ACCOUNTABILITIES

• Conduct horizontal assessment of risk management models, methodologies or practices to identify issues, norms and best practice.
• Lead risk infrastructure improvement initiatives to ensure robust and continuously improving risk measurement and mitigation infrastructure in financial institutions (FIs).
• Develop effective advanced surveillance infrastructure and tools for early detection of emerging risks (for BNM) to aid macro and micro institution level monitoring.
• Lead and manage the development and review of IT prudential standards and guidelines to ensure pragmatic implementation of regulatory policies.
• Provide technical input in new-to-market product and technology approval applications to ensure early detection of potential disruption to financial markets, technology and operations of financial industry.
• Provide training on technical areas to strengthen capacity of supervisors in IT risk management.
• Maintain strong collaboration with relevant stakeholders to influence and enhance IT risk infrastructure developments and best practices.

NATURE OF ACCOUNTABILITIES AND COMPETENCIES

The role of Associate risk specialist is a combination of tactical with strategic elements, as it involves translating high-level risk management objectives into actionable assessments, infrastructure improvements, and regulatory guidance. It supports strategic goals through technical execution and policy development.

The manager is responsible for addressing multi-dimensional and evolving problems in risk management, IT risk, and surveillance, requiring both technical and policy-oriented solutions. Amont others, the problem-solving involves integrating diverse information sources—including supervisory data, industry benchmarks, regulatory standards, and technical specifications.

The role also requires innovative thinking, especially when identifying systemic risk trends or proposing enhancements to risk infrastructure. Solutions must be forward-looking and capable of addressing future challenges in a rapidly evolving financial and technological landscape.

Overall, success in the role depends on balancing technical expertise, regulatory insight, and strategic foresight to strengthen institutional resilience and supervisory effectiveness.

The Manager holds professional responsibility in providing technical direction in risk, IT surveillance, and risk infrastructure development. The role also contributes to designing and delivering training programs to enhance supervisory capabilities in IT risk management.

The role involves cross-functional collaboration with internal stakeholders such as supervisory teams, policy units, IT departments, and senior management - to ensure alignment between technical assessments, and supervisory priorities. It also engages with external stakeholders such as financial institutions, industry bodies, and regulators, particularly in product approvals and risk infrastructure initiatives

The Manager must be able to influence and guide stakeholders through evidence-based recommendations, ensuring that risk management practices are both pragmatic and forward-looking. This includes advocating for best practices, identifying gaps, and fostering collaboration to strengthen the overall risk ecosystem.

The role demands credibility and trust-building, particularly when engaging with external parties on sensitive or emerging risk issues. Effective stakeholder management is key to driving adoption of standards, securing buy-in for infrastructure improvements, and ensuring the relevance of supervisory tools.

REQUIREMENTS

Academic Qualifications

• Bachelor’s degree or professional qualifications in IT-related programmes, or other disciplines such as engineering, accounting, economics, banking or finance background

Certifications

• Professional certifications related to information systems security, auditing, control, assurance and risk management such as Certified Information System Auditor (CISA), Certified Information Security Manager (CISM), Certified Information System Security Professional (CISSP), Certified Ethical Hacker (CEH), Certificate of Cloud Security Knowledge (CCSK), ISO27001 certification, ITIL, OpenGroup FAIR will be an added advantage.

Experience

• At least 5-7 years of working experience in IT risk management or IT operations function internally or from a sizeable organization (ideally from the Financial Industry).

ONLY SHORTLISTED CANDIDATE WILL BE NOTIFIED

Salary match Number of applicants Skills match

Your application will include the following questions:

• Have you completed a Certified Information Systems Auditor (CISA) qualification?
• Which of the following statements best describes your right to work in Malaysia?
• What’s your expected monthly basic salary?
• Which of the following types of qualifications do you have?
• How many years' experience do you have as a Technology Risk Manager?
• Have you completed a Certified Information Systems Security Professional (CISSP) certification?
• How many years of auditing experience do you have?
• How many years' experience do you have as a Quantitative Analytics Analyst?

Bank Negara Malaysia, as the nation's Central Bank, is committed to excellence in promoting monetary and financial system stability and fostering a sound and progressive financial sector, to achieve sustained economic growth for the benefit of the nation. Bank Negara Malaysia also places high importance in its developmental role with respect to economic management, institutional building and the development of the financial system infrastructure.

The Bank invests heavily in nurturing our talent to enhance their performance and realising their potential. Targeted talent development and career growth opportunities, continues to be given focus to drive performance.

Bank Negara Malaysia, as the nation's Central Bank, is committed to excellence in promoting monetary and financial system stability and fostering a sound and progressive financial sector, to achieve sustained economic growth for the benefit of the nation. Bank Negara Malaysia also places high importance in its developmental role with respect to economic management, institutional building and the development of the financial system infrastructure.

The Bank invests heavily in nurturing our talent to enhance their performance and realising their potential. Targeted talent development and career growth opportunities, continues to be given focus to drive performance.

To help fast track investigation, please include here any other relevant details that prompted you to report this job ad as fraudulent / misleading / discriminatory / salary below minimum wage.

Researching careers? Find all the information and tips you need on career advice.