Cybersecurity Risk Specialist
CelcomDigi
Date: 1 day ago
City: Subang Jaya
Contract type: Full time
Job Description
The Cybersecurity Risk Specialist is responsible for executing the organization’s cybersecurity risk management strategy, overseeing the cybersecurity risk acceptance process and supporting tools, conducting enterprise-wide cybersecurity maturity assessments, and evaluating third-party cybersecurity risks. This role is critical in maintaining the organization’s cyber risk posture, enhancing risk governance, and supporting data-driven, risk-informed decision-making by senior management and the Board. The specialist also plays a key role in ensuring compliance with internal policies and regulatory requirements while driving continuous improvement in cybersecurity risk practices.
Responsibilities
Thank you for taking the first step towards joining our team at CelcomDigi! After submitting your application, our Talent Acquisition team will review your CV and reach out to shortlisted candidates to guide you through the next steps, including a pre-screening conversation, interviews and or assessments.
At CelcomDigi, we aspire to be Malaysia’s leading telco-tech company — the nation’s digital growth engine — powering transformation through 5G, AI, and innovation that impacts over 20 million customers. Here, your role goes beyond work. It’s about enabling businesses to thrive, connecting communities, and advancing society, as we build a brand rooted in trust, reliability and customer excellence. Aligned with our employer value proposition, Grow with Purpose. Build with Trust, you’ll have the opportunity to innovate responsibly and create digital solutions that truly make a difference. If you're driven, future focused, and ready to be part of something bigger, we want you on our team.
Let’s advance and inspire Malaysia together! #WeAreCelcomDigi
Follow CelcomDigi on LinkedIn and vote for us as Malaysia’s Most Preferred Employer at the GRADUAN Brand Awards.
CelcomDigi is an equal opportunity employer, and committed to promote employment practices that are transparent, objective and fair.
The Cybersecurity Risk Specialist is responsible for executing the organization’s cybersecurity risk management strategy, overseeing the cybersecurity risk acceptance process and supporting tools, conducting enterprise-wide cybersecurity maturity assessments, and evaluating third-party cybersecurity risks. This role is critical in maintaining the organization’s cyber risk posture, enhancing risk governance, and supporting data-driven, risk-informed decision-making by senior management and the Board. The specialist also plays a key role in ensuring compliance with internal policies and regulatory requirements while driving continuous improvement in cybersecurity risk practices.
Responsibilities
- Perform in-depth assessments of both existing and emerging cybersecurity risks affecting internal systems, applications, and infrastructure, ensuring alignment with the enterprise risk management framework and compliance standards adopted by Celcomdigi
- Monitor and maintain the Cybersecurity Risk Register, tracking mitigation strategies, treatment plans, and control effectiveness to ensure timely remediation of the identified risks.
- Produce periodic cybersecurity risk reports for senior management and Board Risk Committee, highlighting key risk trends, evolving threat landscapes, and significant changes in risk ratings requiring executive attention.
- Manage Cybersecurity Risk Acceptance process, including the evaluation of non-compliance exceptions and documentation of informed business decisions to accept residual risks.
- Facilitate enterprise-wide awareness initiatives to strengthen understanding and adoption of cybersecurity risk acceptance process across business and technical stakeholders.
- Champion the automation and digitalisation of risk management and risk acceptance workflows by enhancing GRC platforms and tools (e.g., ServiceNow, Power Apps).
- Conduct enterprise-wide Cybersecurity Maturity Assessments to evaluate current state, identify gaps, and support roadmap development for improved cyber resilience
- Bachelor's degree in Cybersecurity, Risk Management, Information Technology, or a related field.
- Minimum 3–5 years of experience in cybersecurity risk management, GRC, or related functions.
- Strong understanding of cybersecurity frameworks and regulatory standards (e.g., ISO 27001, NIST CSF, ).
- Experience using GRC Tool and workflow platforms e.g ServiceNow, .
- Demonstrated ability to communicate cybersecurity risks clearly to technical and non-technical stakeholders, including senior management.
- Strong analytical skills, attention to detail, and stakeholder engagement capability.
- Preferred certifications: CRISC, CISA, CISSP, or ISO 27001 Lead Auditor/Implementer.
Thank you for taking the first step towards joining our team at CelcomDigi! After submitting your application, our Talent Acquisition team will review your CV and reach out to shortlisted candidates to guide you through the next steps, including a pre-screening conversation, interviews and or assessments.
At CelcomDigi, we aspire to be Malaysia’s leading telco-tech company — the nation’s digital growth engine — powering transformation through 5G, AI, and innovation that impacts over 20 million customers. Here, your role goes beyond work. It’s about enabling businesses to thrive, connecting communities, and advancing society, as we build a brand rooted in trust, reliability and customer excellence. Aligned with our employer value proposition, Grow with Purpose. Build with Trust, you’ll have the opportunity to innovate responsibly and create digital solutions that truly make a difference. If you're driven, future focused, and ready to be part of something bigger, we want you on our team.
Let’s advance and inspire Malaysia together! #WeAreCelcomDigi
Follow CelcomDigi on LinkedIn and vote for us as Malaysia’s Most Preferred Employer at the GRADUAN Brand Awards.
CelcomDigi is an equal opportunity employer, and committed to promote employment practices that are transparent, objective and fair.
How to apply
To apply for this job you need to authorize on our website. If you don't have an account yet, please register.
Post a resumeSimilar jobs
Field Sales Executive
Ninja Van,
Subang Jaya
4 days ago
Job Responsibility : Directly contribute to the assigned territory's revenue and objectives, ensuring the delivery of growth rates that enhance market share at planned levels in alignment with country targetsProvide effective leadership to designated sales channels and drive continuous improvement through regionally harmonized processes and proceduresConduct joint sales calls, supporting and guiding sales teams in the development of customer strategies...
Project Controller & Expeditor
Emerson,
Subang Jaya
4 days ago
Job Summary JOB DESCRIPTION The individual in this role will be responsible for supervising the smooth implementation and completion of customer projects. The Project Controller will ensure that Project Management operations are carried out effectively and efficiently, meeting or surpassing customer requirements and adhering to project timelines.In This Role, Your Responsibilities Will Be:Develop an expediting plan for the assigned project(s),...
Senior Affiliate Marketer
Alpha Iota BPO,
Subang Jaya
1 week ago
What would you be doing:Affiliate Recruitment and Onboarding:Perform new customer acquisition through research, referrals, networking, cold calling, data feeds, and emails.Affiliate Relationship Management:Maintain open communication with all affiliates on day-to-day issues.Communicate with new and existing affiliates regarding upcoming promotions and optimization opportunities.Reporting and Strategy Development:Develop business strategies to improve affiliate programs.Work with the management team to execute and close new...
