Technology & Security Risk Analyst (Fixed Term Contract)

Job Description:

Dentsu is the network designed for what’s next, helping clients predict and plan for disruptive future opportunities and create new paths to growth in the sustainable economy. Taking a people-centered approach to business transformation, we use insights to connect brand, content, commerce and experience, underpinned by modern creativity.

At dentsu, we’re committed to protecting our clients’ brands and data and therefore, we continue to invest in technology and security governance, risk and compliance across our global technology functions.

Your role as a Technology & Security Risk Analyst, you will be part of our global Technology & Security Risk team and report to the Head of Technology & Security Risk. You will be responsible for implementing our risk management processes into a newly acquired entity and then continue to support the ongoing management of technology and security risks for the entity.

You will work closely with the business stakeholders within the entity and colleagues across technology and security to embed our risk management process for the entity. You will gain an in-depth understanding of the security risk posture within the entity and help them manage their risks effectively and proportionately.

Key responsibilities:

1. Embed our security risk management process within a newly acquired entity, creating the foundation for the ongoing management of security risks for the entity.
2. Support the alignment of dentsu’s global technology and security policies, controls and ISO27001 standard within the newly acquired entity.
3. Work closely with stakeholders to identify, assess, monitor and respond to security risks, in line with the technology & security risk management framework and associated processes.
4. Update the risk register within our GRC platform, e.g. documenting agreed treatment plans, adding regular progress updates, and escalating delays or blockers.
5. Provide risk reporting to stakeholders and, where required, relevant forums, e.g. dentsu international markets Security Risk Committee.
6. Lead security issue management working groups with relevant stakeholders to assess risk issues and develop treatment plans.
7. Provide analysis on key risk areas to drive security maturity and help shape future investment decisions.
8. Understand the external security environment and emerging trends to support security risk management.
9. Support the growth and adoption of technology and security risk management processes across dentsu international markets.

What we’re looking for:

1. 2-3 years of experience in technology and security governance and risk management within a medium or large-sized organisation.
2. General knowledge of all domains within security covering people, process and technology.
3. Experience in stakeholder engagement and strong communication skills.
4. Ability to explain technical complex concepts to non-technical audiences.
5. A self-motivated, proactive, action-oriented approach to achieve deadlines.
6. A collaborative mindset, working alongside others to achieve common objectives.
7. Interest in personal development in the areas of governance, risk, compliance or security.
8. Knowledge of security, technology and enterprise risk management frameworks (desirable).
9. Experience with using industry-leading GRC platforms (desirable).
10. Experience of security compliance initiatives within an enterprise technology environment such as ISO27001, NIST, CIS, PCI DSS, Cyber Essentials (desirable).
11. Experience in using Microsoft Excel, PowerPoint, Forms, and PowerBi (desirable).
12. Achieved or working towards an information security qualification (CISSP, CISM, CISA, CRISC) (desirable).

Location: Kuala Lumpur

Brand: Global Functions

Time Type: Full time

Contract Type: Fixed Term Contract (Fixed Term)