IT Risk

**Key Responsibilities**:
**1. Development of ERM Policy and Framework**
- Develop, implement and manage the organisation's compliance and risk management policies and framework to deploy effective strategies.
- Establish a sustainable Enterprise Risk Management Policies and Framework and Risk Rating Matrix to identify, assess, evaluate, measure and monitor key material risks.
- Develop strategies to mitigate risks and ensure compliance of relevant laws and regulations.
- Fostering a culture of risks and compliance and integrate risk management into the Organization's culture, operational activities and decision-making processes.
- Review and update Standard Operating Procedures to adhere to compliance and risks parameters

**2. Risk Identification**:

- Conduct comprehensive risk assessments to identify potential threats and vulnerabilities that could impact the organization's business, operations, finances, technology, human resources or reputation.
- Analyse internal and external factors that may affect the organization's objectives

**3. Risk Assessment**:

- Evaluate the likelihood and potential impact of identified risks.
- Prioritize risks based on their severity and potential consequences.

**4. Risk Mitigation Strategies**:

- Develop and implement risk mitigation plans to reduce the impact of identified risks.
- Collaborate with relevant departments to establish effective control measures.

**5. Incident Reporting**:

- Manage and oversee the generation of incident reports.
- Ensure timely and accurate reporting of incidents, and coordinate appropriate responses.

**6. Compliance Management**:

- Monitor and enforce compliance with standard operating procedures across the operations team.
- Work closely with teams to address any deviations from established procedures.

Service Level Agreement (SLA) Monitoring:

- Establish and maintain service level agreements for key operational processes.
- Monitor the extent to which the company meets service levels and address any deviations.

**7. Reporting to Management and Risk Management Committee**:

- Oversee the quarterly reporting to the Management.
- Prepare and present risk assessments to the Group's Risk Management Committee.

**8. Customer Service Level Reporting**:

- Oversee the periodic reporting of service level performance to customers.
- Ensure accurate and timely communication of service level achievements and improvements.

**9. License Compliance Management**:

- Manage compliance with all matters pertaining to licenses.

**10. Cybersecurity Threat Reporting**:

- Oversee the periodic reporting of cybersecurity threats from the cybersecurity team.
- Work closely with the cybersecurity team to ensure that the cybersecurity team performs prompt assessments to address potential cyber threats.

**11. IT Risk Policies and Regulations**:

- Oversee compliance with IT risk policies and regulations relevant to the nature of the organization's business.
- Collaborate with the IT team to ensure adherence to established IT risk management standards.

**12. ISO Certification Compliance**:

- Manage the Group's compliance with ISO certifications.
- Facilitate the renewal process for ISO certifications and ensure continued adherence to ISO standards.

**13. Insurance Management**:

- Work with the procurement manager to engage with insurance providers to secure appropriate coverage for identified risks.
- Manage insurance policies and claims processes.

**14. Monitoring and Reporting**:

- Regularly monitor and assess the effectiveness of risk mitigation measures.
- Prepare and present comprehensive reports to senior management, stakeholders, and relevant committees.

**15. Crisis Management**:

- Develop and implement crisis management plans to respond to and recover from unexpected events, including business continuity plans of the Group
- Coordinate with relevant teams during crisis situations to minimize impact.

**16. Training and Education**:

- Conduct training sessions to educate employees on risk management principles, incident reporting procedures, and standard operating procedures.
- Foster a risk-aware culture within the organization.

**JOB REQUIREMENT Qualifications**:

- Bachelor's degree in information technology, computer science, or a related field (Master's degree preferred).
- 8 years of experience in risk management; in IT enviromment will be an addded advantage.
- Strong understanding of IT compliance standards and frameworks.
- Excellent communication and interpersonal skills.
- Ability to prioritize tasks and manage time effectively.
- Problem-solving skills and attention to detail

**Job Types**: Full-time, Permanent

Pay: RM8,500.00 - RM11,000.00 per month

**Benefits**:

- Health insurance

Schedule:

- Day shift
- Monday to Friday

Ability to commute/relocate:

- Bangsar South: Reliably commute or planning to relocate before starting work (required)

Application Question(s):

- How many years of experience do you have in IT r