What Jobs are available for Cyber Risk in Malaysia?

**About the Role:**
**Grade Level (for internal use):**
10
**The Team:** As part of Vendor Risk Management, the Vendor Cyber Risk Management team manages the Supply Chain Cyber risks by performing risk assessments of third-party engagements to identify and reduce the risks posed by third parties. This is an extremely important role, considering the fact that large number of data breaches happen due to third parties. It involves working with internal stake holders as well as third parties to achieve the results.
**The Impact:** Working in Vendor Risk Management offers the opportunity to continuously enhance processes to meet the evolving requirements of various regulators. This challenging environment provides ample opportunities to expand your knowledge and expertise.
**What's in it for you:** In addition to risk assessments, recertifications, and continuous monitoring, you will participate in various projects, allowing you to showcase and further develop your skills and experience.
**Responsibilities:**
+ Conduct thorough Cybersecurity, Business Continuity, Artificial Intelligence, Cloud Service Prover and Privacy assessments for Vendors, evaluating their information security policies, procedures, and controls.
+ Effectively collaborate with internal teams to identify critical vendors and assess their potential impact on the organization's cyber risk profile.
+ Communicate risk assessment findings and recommendations to key stakeholders, including senior management, legal, and compliance teams.
+ Work closely with vendors to address identified security gaps and ensure they meet the organization's cybersecurity requirements.
+ Review the vendors on the continuous monitoring program and assisting in driving the periodically review the vendors.
+ Monitor and stay abreast of evolving cybersecurity threats and industry trends to enhance the effectiveness of the risk assessment process.
+ Lead and support enhancement projects within Vendor Risk Management to meet various business and regulatory requirements.
+ Assist the team members in balancing the load and managing Ad-hoc projects.
**What We're Looking For:**
**Basic Required Qualifications:**
+ Bachelor's degree in computer science or engineering or equivalent
+ Minimum 8 years of experience in Information Security or Technology Risk Management
+ Any prior exposure to vendor risk management and/ or privacy laws and regulations is a plus.
+ Demonstrable understanding of the concepts of technology controls and information security controls.
+ Exposure to cloud technologies and cloud security is highly desired; the familiarity with pubic cloud technologies such as Amazon Web Services (AWS) or Microsoft Azure or Google Cloud is highly preferred.
+ Excellent communication skills - a must. The resource should have the ability to communicate with cross-functional teams and vendors, both written and oral communication is critical.
**Additional Preferred Qualifications:**
+ This position is required to work in UK Shift; flexibility is a must, especially when it comes to vendor and internal meetings held during US business hours.
+ Strong organizational skills with the ability to multitask and prioritize while maintaining close attention to detail.
+ Ability to build strategic partnerships with internal stakeholders.
+ Must be a critical thinker with strong qualitative skills.
+ Information Security/Risk Management certification would be an advantage.
**What's In It For** **You?**
**Our Purpose:**
Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technology-the right combination can unlock possibility and change the world.
Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence®, pinpointing risks and opening possibilities. We Accelerate Progress.
**Our People:**
We're more than 35,000 strong worldwide-so we're able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all.
From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. We're committed to a more equitable future and to helping our customers find new, sustainable ways of doing business. We're constantly seeking new solutions that have progress in mind. Join us and help create the critical insights that truly make a difference.
**Our Values:**
**Integrity, Discovery, Partnership**
At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of **integrity** in all we do, bring a spirit of **discovery** to our work, and collaborate in close **partnership** with each other and our customers to achieve shared goals.
**Benefits:**
We take care of you, so you can take care of business. We care about our people. That's why we provide everything you-and your career-need to thrive at S&P Global.
Our benefits include:
+ Health & Wellness: Health care coverage designed for the mind and body.
+ Flexible Downtime: Generous time off helps keep you energized for your time on.
+ Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.
+ Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs.
+ Family Friendly Perks: It's not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families.
+ Beyond the Basics: From retail discounts to referral incentive awards-small perks can make a big difference.
For more information on benefits by country visit: Hiring and Opportunity at S&P Global:**
At S&P Global, we are committed to fostering a connected and engaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets.
**Recruitment Fraud Alert:**
If you receive an email from a spglobalind.com domain or any other regionally based domains, it is a scam and should be reported to . S&P Global never requires any candidate to pay money for job applications, interviews, offer letters, "pre-employment training" or for equipment/delivery of equipment. Stay informed and protect yourself from recruitment fraud by reviewing our guidelines, fraudulent domains, and how to report suspicious activity here ( .
---
**Equal Opportunity Employer**
S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment.
If you need an accommodation during the application process due to a disability, please send an email to:   and your request will be forwarded to the appropriate person. 
**US Candidates Only:** The EEO is the Law Poster   describes discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - - Professional (EEO-2 Job Categories-United States of America), IFTECH202.1 - Middle Professional Tier I (EEO Job Group)
**Job ID:**
**Posted On:**
**Location:** Hyderabad, Telangana, India

About the Role

Grade Level (for internal use): 10 The Team:

As part of Vendor Risk Management, the Vendor Cyber Risk Management team manages the Supply Chain Cyber risks by performing risk assessments of third-party engagements to identify and reduce the risks posed by third parties. This is an extremely important role, considering the fact that large number of data breaches happen due to third parties. It involves working with internal stake holders as well as third parties to achieve the results. The Impact:

Working in Vendor Risk Management offers the opportunity to continuously enhance processes to meet the evolving requirements of various regulators. This challenging environment provides ample opportunities to expand your knowledge and expertise. What’s in it for you:

In addition to risk assessments, recertifications, and continuous monitoring, you will participate in various projects, allowing you to showcase and further develop your skills and experience. What’s In It For You? Responsibilities: Conduct thorough Cybersecurity, Business Continuity, Artificial Intelligence, Cloud Service Prover and Privacy assessments for Vendors, evaluating their information security policies, procedures, and controls.

Effectively collaborate with internal teams to identify critical vendors and assess their potential impact on the organization's cyber risk profile.

Communicate risk assessment findings and recommendations to key stakeholders, including senior management, legal, and compliance teams.

Work closely with vendors to address identified security gaps and ensure they meet the organization's cybersecurity requirements.

Review the vendors on the continuous monitoring program and assisting in driving the periodically review the vendors.

Monitor and stay abreast of evolving cybersecurity threats and industry trends to enhance the effectiveness of the risk assessment process.

Lead and support enhancement projects within Vendor Risk Management to meet various business and regulatory requirements.

Assist the team members in balancing the load and managing Ad-hoc projects.

What We’re Looking For

Basic Required Qualifications: Bachelor’s degree in computer science or engineering or equivalent

Minimum 8 years of experience in Information Security or Technology Risk Management

Any prior exposure to vendor risk management and/ or privacy laws and regulations is a plus.

Demonstrable understanding of the concepts of technology controls and information security controls.

Exposure to cloud technologies and cloud security is highly desired; the familiarity with pubic cloud technologies such as Amazon Web Services (AWS) or Microsoft Azure or Google Cloud is highly preferred.

Excellent communication skills - a must. The resource should have the ability to communicate with cross-functional teams and vendors, both written and oral communication is critical.

Additional Preferred Qualifications

This position is required to work in UK Shift; flexibility is a must, especially when it comes to vendor and internal meetings held during US business hours.

Strong organizational skills with the ability to multitask and prioritize while maintaining close attention to detail.

Ability to build strategic partnerships with internal stakeholders.

Must be a critical thinker with strong qualitative skills.

Information Security/Risk Management certification would be an advantage.

What’s In It For You?

Our Purpose: Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technology–the right combination can unlock possibility and change the world. Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence, pinpointing risks and opening possibilities. We Accelerate Progress. Our People: We're more than 35,000 strong worldwide—so we're able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all. From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. We’re committed to a more equitable future and to helping our customers find new, sustainable ways of doing business. We’re constantly seeking new solutions that have progress in mind. Join us and help create the critical insights that truly make a difference. Our Values: Integrity, Discovery, Partnership At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of

integrity

in all we do, bring a spirit of

discovery

to our work, and collaborate in close

partnership

with each other and our customers to achieve shared goals. Benefits: We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you—and your career—need to thrive at S&P Global. Our benefits include: Health & Wellness: Health care coverage designed for the mind and body.

Flexible Downtime: Generous time off helps keep you energized for your time on.

Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.

Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs.

Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families.

Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference.

For more information on benefits by country visit: Global Hiring and Opportunity at S&P Global: At S&P Global, we are committed to fostering a connected and engaged workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and merit, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets. Recruitment Fraud Alert: If you receive an email from a spglobalind.com domain or any other regionally based domains, it is a scam and should be reported to . S&P Global never requires any candidate to pay money for job applications, interviews, offer letters, “pre-employment training” or for equipment/delivery of equipment. Stay informed and protect yourself from recruitment fraud by reviewing our guidelines, fraudulent domains, and how to report suspicious activity here ( . Equal Opportunity Employer S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to: and your request will be forwarded to the appropriate person. US Candidates Only:

The EEO is the Law Poster discrimination protections under federal law. Pay Transparency Nondiscrimination Provision - 20 - Professional (EEO-2 Job Categories-United States of America), IFTECH202.1 - Middle Professional Tier I (EEO Job Group) Job ID:

Posted On:

Location:

Hyderabad, Telangana, India

#J-18808-Ljbffr

What's the role? You will be part of the Global Cyber Risk, Control & Assurance team and work with your fellow Cyber Risk and Controls Officers to proactively identify, evaluate, and manage IT & cyber risks at Hilti.

This is a full-time position available immediately.

What does the role involve? You will support the PO IT & Cyber Risk Management in assessing cyber risks and assist during internal and external IT audits. You will help maintain compliance with relevant attestations (ISO27001, SOC2) and regulations (NIS2, CRA, AI Act, GDPR). Your responsibilities include conducting third-party risk assessments, monitoring IT controls, and supporting BCP and operational resilience activities to ensure continuous IT operations.

What you need is:

Bachelor’s degree in computer science, software development, cybersecurity, risk management, or a related field; a Master’s degree is advantageous.

Minimum of 2 years of experience in Cybersecurity, Cyber Risk, GRC, Compliance, Audit, or BCM.

An entrepreneurial mindset, team player, analytical skills, and problem-solving abilities.

Fluent in English (verbal and written) with excellent communication skills.

Familiarity with risk frameworks (ISO, NIST, ISF SoGP) and regulations (NIS2, EUCRA, GDPR, AI Act).

Experience with control assessments against standards like ISO27001, SOC2, and cyber regulations.

Proven experience in conducting cyber risk assessments, supporting IT and cyber audits, and assessing third parties.

Preferred certifications include CISA, ISO27001 Lead Implementer, CRISC.

Why should you apply? You believe cybersecurity is a business enabler and essential for digital transformation. You can communicate IT & cyber risks effectively to stakeholders and are interested in emerging threats and trends such as AI and quantum computing. You enjoy conducting risk assessments and ensuring operational resilience.

What do we offer? Hilti fosters a caring, performance-oriented culture recognized as a Great Place to Work 2024. We provide competitive rewards and career development opportunities to support your success.

Click here to learn more:

Kuala Lumpur | Hilti Careers

#J-18808-Ljbffr

What's the role?

You will be part of the Global Cyber Risk, Control & Assurance team and, together with your fellow Cyber Risk and Controls Officers, ensure that IT & cyber risks at Hilti are proactively identified, evaluated, and managed. This full-time position is available as soon as possible. What does the role involve?

You will support the PO IT & Cyber Risk Management in assessing cyber risks and assist during internal as well as external IT audits. You will help maintain our compliance with relevant attestations (ISO27001, SOC2) and regulations (NIS2, CRA, AI Act, GDPR). Additionally, you will conduct third-party risk assessments, monitor IT controls to manage risk exposure, and support our BCP and operational resilience activities to ensure uninterrupted IT operations. What you need is:

Bachelor’s degree in computer science, software development, cybersecurity, risk management, or related discipline; a Master’s Degree is an advantage At least 2+ years of experience in Cybersecurity, Cyber Risk, GRC, Compliance, Audit, BCM An entrepreneurial mindset, team player, analytical proficiency, and good problem-solving skills Fluent in English (verbally and written) with excellent communication skills Familiarity with relevant risk frameworks (ISO, NIST, ISF SoGP) and regulations (NIS2, EUCRA, GDPR, AI Act) Familiarity with control assessments against security standards (ISO27001, SOC2) and cyber regulations Proven experience with conducting cyber risk assessments, supporting IT and cyber audits, and assessing third parties Preferred if you possess one or more of the following: CISA, ISO27001 Lead Implementer, CRISC Why should you apply?

You strongly believe that cybersecurity is a business enabler and that there is no digital transformation without addressing IT & cyber risks. You understand the importance of communicating IT & cyber risks to stakeholders in relatable terms. You are interested in exploring new cyber threats and technological trends (e.g., AI, quantum) and their risks to organizations. You are excited about conducting cyber risk assessments and ensuring operational resilience. What do we offer?

At Hilti, we believe in a caring and performance-oriented culture. Our people are our greatest strength, and our Great Place to Work 2024 recognition celebrates our commitment to a culture that values care, performance, and innovation. We offer competitive rewards and comprehensive career development opportunities to ensure your success. Click on the link to know more:

Kuala Lumpur | Hilti Careers

#J-18808-Ljbffr

What's the role?

You will be part of the Global Cyber Risk, Control & Assurance team and together with your fellow Cyber Risk and Controls Officers you ensure that IT & cyber risks at Hilti are proactively identified, evaluated and managed. This full-time position is available as soon as possible. What does the role involve?

You will support the PO IT & Cyber Risk Management in assessing cyber risks and support during internal as well as external IT audits. You will support activities that help us maintain our compliance with relevant attestations (ISO27001, SOC2) and regulations (NIS2, CRA, AI Act, GDPR). You will conduct third-party risk assessments and monitor IT controls to manage our risk exposure. Lastly, you will support our BCP and operational resilience activities to ensure uninterrupted IT operations. What you need is:

Bachelor’s degree in computer science, software development, cybersecurity, risk management or related discipline, a Master’s Degree is an advantage for this position At least 2+ year experience in Cybersecurity, Cyber Risk, GRC, Compliance, Audit, BCM An entrepreneurial mindset, team player, analytical proficiency and good problem-solving skills Fluent in English (verbally and written) with excellent communication skills Familiarity with relevant risk frameworks (ISO, NIST, ISF SoGP) and regulations (NIS2, EUCRA, GDPR, AI Act) Familiarity with control assessments against security standards (ISO27001, SOC2) and cyber regulations Proven experience with conducting cyber risk assessments, supporting IT and cyber audits, assessing third parties Preferred if you possess one or more of the following: CISA, ISO27001 Lead Implementer, CRISC Why should you apply?

You strongly believe that cybersecurity is a business enabler and that there is no digital transformation without taking care of the IT & cyber risks that come along. You understand the importance of communicating IT & cyber risks to relevant stakeholders in a language that they can relate to. You are interested in exploring new cyber threats and technological trends (e.g. AI, quantum) and what risks they pose to organizations. You get excited about conducting cyber risk assessments of technology, processes and vendors as well as ensuring operational resilience. What do we offer?

At Hilti, we believe in a caring and performance-oriented culture. Our people are our greatest strength, and our Great Place to Work 2024 recognition celebrates our commitment to a culture that values care, performance, and innovation. We offer competitive rewards and comprehensive career development opportunities that ensure your success is our priority. Click on the link to know more: Kuala Lumpur | Hilti Careers

#J-18808-Ljbffr

What's the role? You will be part of the Global Cyber Risk, Control & Assurance team and work with your fellow Cyber Risk and Controls Officers to proactively identify, evaluate, and manage IT & cyber risks at Hilti.

This is a full-time position available immediately.

What does the role involve? You will support the PO IT & Cyber Risk Management in assessing cyber risks and assist during internal and external IT audits. Your activities will help maintain compliance with relevant standards and regulations such as ISO27001, SOC2, NIS2, CRA, AI Act, and GDPR. Additionally, you will conduct third-party risk assessments, monitor IT controls, and support BCP and operational resilience activities to ensure continuous IT operations.

What you need is:

Bachelor’s degree in computer science, software development, cybersecurity, risk management, or a related discipline; a Master’s degree is advantageous.

At least 2+ years of experience in Cybersecurity, Cyber Risk, GRC, Compliance, Audit, or BCM.

An entrepreneurial mindset, team player, analytical skills, and problem-solving ability.

Fluent in English (verbal and written) with excellent communication skills.

Familiarity with risk frameworks (ISO, NIST, ISF SoGP) and regulations (NIS2, EUCRA, GDPR, AI Act).

Experience with control assessments against standards like ISO27001, SOC2, and cyber regulations.

Proven experience conducting cyber risk assessments, supporting IT and cyber audits, and assessing third parties.

Preferred certifications include CISA, ISO27001 Lead Implementer, CRISC.

Why should you apply? You believe cybersecurity is a business enabler and essential to digital transformation. You can communicate IT & cyber risks effectively to stakeholders and are interested in emerging threats and trends such as AI and quantum computing. You enjoy conducting risk assessments and ensuring operational resilience.

What do we offer? At Hilti, we foster a caring, performance-oriented culture. Recognized as a Great Place to Work 2024, we value care, performance, and innovation. We provide competitive rewards and career development opportunities to support your success.

Click here to learn more:

Kuala Lumpur | Hilti Careers

#J-18808-Ljbffr

Overview

Hilti Group Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia. You will be part of the Global Cyber Risk, Control & Assurance team and work with Cyber Risk and Controls Officers to ensure IT & cyber risks are identified, evaluated and managed. This full-time position is available as soon as possible. What does the role involve?

You will support the PO IT & Cyber Risk Management in assessing cyber risks and support during internal as well as external IT audits. You will support activities that help us maintain our compliance with attestations (ISO27001, SOC2) and regulations (NIS2, CRA, AI Act, GDPR). You will conduct third-party risk assessments and monitor IT controls to manage our risk exposure. You will support our BCP and operational resilience activities to ensure uninterrupted IT operations. What do we offer?

A caring and performance-oriented culture. A recognised Great Place to Work 2025, which celebrates our commitment to a culture that values care, performance, and innovation for our greatest strength, our people. Competitive rewards and comprehensive career development opportunities that ensure your success is our priority. Learn more Kuala Lumpur | Hilti Careers What you need

To help you succeed, we’ll provide you with everything you need so that we’re driving impact together from day one. Here’s what you’ll need to bring with you: Bachelor’s degree in computer science, software development, cybersecurity, risk management or related discipline; a Master’s Degree is an advantage. At least 2+ years experience in Cybersecurity, Cyber Risk, GRC, Compliance, Audit, BCM An entrepreneurial mindset, team player, analytical proficiency and good problem-solving skills; Fluent in English (verbal and written) with excellent communication skills. Familiarity with relevant risk frameworks (ISO, NIST, ISF SoGP) and regulations (NIS2, EUCRA, GDPR, AI Act) Familiarity with control assessments against security standards (ISO27001, SOC2) and cyber regulations Proven experience with conducting cyber risk assessments, supporting IT and cyber audits, assessing third parties Desirable: one or more of the following: CISA, ISO27001 Lead Implementer, CRISC Seniority level

Entry level Employment type

Full-time Job function

Finance and Sales Industries: Construction

#J-18808-Ljbffr

Malaysia Job Description

Key Responsibilities Drive

the implementation of compliance of GTD units with the

Operational Risk Framework ,

GroupTechnology Risk Management Framework (GTRMF) ,

Cyber Resilience Framework (CRF), Cloud Risk Management Framework (CRMF)

and

BNM’s Risk Management in Technology (RMiT)

which includes providing advisory and guidance to business units to comply with the frameworks & policies. Provide

Leadership and Insights

in the ongoing development of

GTRM’s annual Independent Risk Assurance Program (iRAPT) , focusing on key thematic risks. Lead

in the preparation of monthly

Technology Risk Reporting

for senior management and boards (GORRC, GRCC, BRCC), including insights on technology risk trends, thematic issues and emerging risks. Lead the Analysis and Correlation of information derived from the various ORM tools and other sources to provide independent assurance on technology risk trends, thematic issues, emerging risks and compliance to technology Risk Management Policies, Regulatory Requirements and controls within the group. Providing

Constructive Challenge

to the 1 st Line of Defense’sexecution of the Operational Risk Management Policy and Technology Risk Management Policy. Lead and drive

the

Effectiveness

of ORM tools execution by 1 st Line of Defense by guiding the GTD Governance Team’s 1.5 LOD and RCO/DCORO on areas pertaining to validation and assurance. To lead and drive the validation program

on areas related to

IT Controls

on CET, LED, CIM, KRI, RCSA, CET and to support preparation of the monthly/quarterly/yearly ORM scorecard and tardiness reporting. GTRM point person

for ORM related initiatives at local and group level, including the review and enhancement of ORM’s Policies and Procedures, control effectiveness initiatives and discussions with the ORM team. Coordinate

the regular discussions with GT Governance and Group Compliance focusing on areas needing attention or improvement and areas of mutual interest towards overall

strengthening of technology risk governance . Key liaison

in coordinating the reviews of the yearly RCSA refresh exercise with GTD Unit Risk Control Officer (RCO) &/or DCORO to ensure key operational risks are identified in existing GTD Unit RCSA’s and

effectiveness of controls . Participate and

provide Technology Risk Management advisory & challenges

for 1 st line and 2 nd line of defense projects. Be able to work

independently

and

lead ad-hoc tasks

which are required by GTRM & NFRM. Responsible for

managing the GTRM/CISO’s portal. Job Info

Job Identification 30689 Job Category Risk Posting Date 08/06/2025, 11:11 AM Apply Before 11/30/2025, 11:10 AM Job Schedule Full time Job Shift Day Shift

#J-18808-Ljbffr

We have a new and exciting role available within our Cyber Security division in Kuala Lumpur for a Cyber Risk Advisory Consultant. S-RM is a global intelligence and cyber security consultancy. Since 2005, we’ve helped some of the most demanding clients in the world solve some of their toughest information security challenges. We’ve been able to do this because of our outstanding people. We’re committed to developing sharp, curious, driven individuals who want to think critically, solve complex problems, and achieve success. But we also know that work isn’t everything. It’s about the lives and careers it helps us build. We’re immensely proud of this culture and we invest in our people’s wellbeing, learning, and ideas every day. We’re excited you’re thinking about joining us. The role

Cyber Advisory Associates help lead our cyber resilience consultancy engagements. You will work closely with our clients to understand their challenges, lead project teams, and deliver innovative solutions across a full spectrum of cyber risk management and governance activities. Our aim is to become trusted advisors to our clients as we help them navigate dynamic and evolving security risks. Our Associates are project managers and people managers, as well as consultants. You will join a thriving Advisory Practice in which you will support the development of junior colleagues, drive improvements in products and services, and contribute to Practice strategy. Responsibilities

Cyber Security Consultancy

Lead consultancy engagements across a broad range of information security disciplines, including: Technical domains and cyber transformation Framework assessments and roadmapping Cyber regulations, governance, and compliance Incident Response, Disaster Recovery, and Business Continuity Training and Exercising Project Management

S-RM Consultants are organized and dynamic project managers and team leaders. You will: Lead complex projects independently Manage client engagement, communication, and project planning activities Oversee technical and governance-focused implementation plans Work with internal client project teams, subcontractors, and partners Understand and utilize the full range of S-RM’s people and expertise Manage junior colleagues and oversee their career development where appropriate Client Engagement, Account Management, and Business Development

Our consultants are at the heart of our business development activities. You will: Engage with clients to understand their cybersecurity challenges Innovate solutions, create, propose, and pitch cybersecurity engagements Contribute to the expansion of client accounts and winning new business Skills and Experience

We think candidates with the following skills and experience are likely to succeed as an Associate at S-RM. That said, if you don't meet all criteria but are still interested, please apply. We value strong capabilities in a few areas and interest in others. We’re looking for someone who can adapt to change and work comfortably in a fast-paced environment, with some or all of these skills: Previous experience in information security, cyber roles, and/or technical domains Ability and willingness to manage complex projects Excellent presentation skills, written communication, and attention to detail Prior consulting experience Demonstrable knowledge of: Cybersecurity frameworks, standards, and regulations Information security principles, tools, technologies, and techniques Technical cybersecurity knowledge, including: Identity and Access Management Operational Technology Industry accreditations such as SANS Institute, Security+, CISM, CISSP, or ISO27001 The successful candidate must have permission to work in

Malaysia

by the start of employment. We offer thoughtful, balanced rewards and support, including: 20 days paid holiday annually, plus public holidays and 1 additional day for each year at S-RM, up to 5 days Flexible working arrangements: minimum two days in-office, remainder remote; flexible hours between 7am-7pm Pension scheme: S-RM contributes to EPF as per legislative requirements Life insurance (details coming soon) Company-paid private medical and dental insurance (details coming soon) Maternity, paternity, and fertility leave Employee Assistance Programme: 24/7 access to counselling and support services The role is based in Kuala Lumpur, with flexible working arrangements. Preliminary call to learn more about S-RM and the role First interview: remote, skills-focused Second interview: remote, skills-focused Assessment: incident response skill evaluation Final interview: remote, skills-focused S-RM promotes equality, diversity, and inclusion, and is committed to developing a workforce with diverse talents and perspectives.

#J-18808-Ljbffr