Senior, IT & Cyber Security Controls

Get To Know Our Company

GX Bank Berhad - the Grab-led Digital Bank - is the FIRST digital bank in Malaysia, approved by BNM to commence operations. We aim to leverage technology and innovation to serve the financial needs of the unserved and underserved individuals, and micro and small medium enterprises.

We are driven by our shared purpose and passion to bring positive transformation to the banking industry, starting with solutions that address the financial struggles of Malaysians and businesses.

Get To Know The Role

• Framework and Policy Management: Assist in the management of relevant frameworks and policies to ensure strict compliance with both regulatory requirements and internal standards.
• Risk and Control Management: Actively assess the effectiveness of internal controls and propose practical remediation actions as needed. You will track and monitor the implementation of all risk mitigation measures to ensure full closure.
• Audit and Reporting: Prepare and compile clear, periodic reports and updates on technology risk & security control activities for management. You will analyse results from self-assessments and internal/external audits to help formulate effective remedial solutions.
• Regulatory Liaison: Provide support and assistance during internal and external audits, as well as regulatory examinations and inspections.
• Security and Awareness: Coordinate and support all security awareness-related activities, including campaigns, roadshows, trainings, and simulations, to embed a strong risk culture throughout the organization.
• KPI Delivery: Execute and deliver on agreed-upon Key Performance Indicators (KPIs) related to the role and responsibilities.
  
  

The Must Haves

• At least 5 years of experience, preferably in risk management, IT audit, information security or IT compliance.
• Knowledge of cloud environments or prior experience working with public cloud services (eg. AWS)
• Self-starter with the interest and ability to research and improve on new technologies knowledge and cyber security trends.
• Advanced understanding of:
• i. Cyber security framework and practices, such as NIST CSF, ISO27001, OWASP
• ii. Risk management methodology and frameworks
• iii. Regulatory requirements such as RMiT, Cyber Security Act, PDPA