Job Description
Are you a seasoned IT professional with a passion for safeguarding digital infrastructure? Mills Recruitment is currently partnering with a prestigious client based in the heart of Kuala Lumpur to appoint a Senior Executive - IT Security, Risk & Compliance. This is a pivotal role designed for an analytical thinker who thrives in high-stakes environments and is committed to maintaining the highest standards of cybersecurity and regulatory compliance.
As our Senior Executive, you will play a critical role in developing, implementing, and monitoring our client's security frameworks. You will be the primary point of contact for identifying potential vulnerabilities, managing risk assessments, and ensuring that all organizational processes align with international security standards and local regulatory requirements. If you possess a sharp eye for detail, a proactive approach to risk management, and the ability to bridge the gap between technical operations and business compliance, we want to hear from you.
Joining this team means being at the forefront of digital resilience. You will collaborate with cross-functional departments to cultivate a culture of security awareness, ensuring that the organization remains protected against evolving cyber threats while facilitating seamless business operations.
Responsibilities
- Develop and maintain comprehensive IT security policies, standards, and procedures to protect corporate information assets.
- Conduct regular internal audits and risk assessments to identify, evaluate, and mitigate potential security vulnerabilities.
- Monitor compliance with ISO 27001, PDPA, and other relevant industry-specific regulatory requirements.
- Lead incident response activities and provide post-incident analysis to strengthen defensive posture.
- Collaborate with stakeholders to ensure security requirements are integrated into new IT project lifecycles.
- Provide regular reporting on risk metrics, security performance, and compliance status to management.
- Maintain oversight of third-party security assessments and vendor risk management processes.
Qualifications
- Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field.
- Minimum 4-6 years of experience in IT Security, Risk Management, or Internal/IT Audit.
- Professional certifications such as CISSP, CISA, CISM, or CRISC are highly preferred.
- Strong understanding of security frameworks like ISO/IEC 27001, NIST, or COBIT.
- Proven track record in managing regulatory compliance (PDPA) and information security governance.
- Excellent analytical, problem-solving, and communication skills with the ability to translate technical concepts for non-technical stakeholders.
- Ability to work independently and manage multiple priorities in a fast-paced corporate environment.