177 Cyber Risk Management jobs in Malaysia

Press Tab to Move to Skip to Content Link Select how often (in days) to receive an alert: Title: Senior Manager - Cyber Security Risk Management

33643 Technology Regular Employee Office - Full Time 8 Aug 2025 Job Summary

The Cyber Security Assessment (CSA) is an integral part of ICS Protect with an aligned goal to protect the Bank from information security threats by delivering effective information security services. As part of ICS Protect, we work to ensure the Bank meets its commitments to stakeholders and maintains a robust cyber security defense posture. Responsibilities

Evaluate the design and effectiveness of technology controls for applications & infrastructure systems. Act as security liaison for all key business and IT projects. Perform risk reviews based on ICS standard requirements. Provide advice and support to developers and support teams in designing and implementing risk mitigation measures. Review risks, identify root causes, and recommend sustainable improvements. Report risks and summaries accurately to stakeholders. Train and mentor junior staff. Regulatory & Business Conduct

Display exemplary conduct, uphold the Group’s Values and Code of Conduct, and ensure compliance with applicable laws and regulations. Lead teams to achieve outcomes aligned with the Bank’s Conduct Principles and regulatory responsibilities. Serve as a Director of relevant Boards where applicable. Key Stakeholders

Engage with key internal and external stakeholders to support security initiatives and compliance. Other Responsibilities

Embed the Group’s values and brand in the team; perform other duties as assigned; handle multiple functions as needed. Skills and Experience

Minimum 10 years’ experience in Information Security, preferably in banking or financial services. At least 5 years of hands-on experience in application/infrastructure risk assessments. At least 3 years of experience managing security tools/projects. Bachelor’s degree in Engineering, Computer Science, or IT (preferred). Knowledge of cloud security environments like AWS and Azure. Deep understanding of frameworks like NIST, ISO, PCI-DSS. Qualifications

Education: Bachelor’s degree in relevant fields (preferred). Training: 10-14 years in Information Security with specific experience as above. Certifications: CISA, CISM, or CISSP preferred. About Standard Chartered

We are an international bank committed to making a positive impact. We value diversity, inclusion, and integrity, and offer a range of benefits and development opportunities to support our employees’ growth and wellbeing.

#J-18808-Ljbffr

• The Contractor - Third Party Risk Assessment Analyst will be responsible for evaluating the security and compliance posture of third-party vendors and partners. This role involves identifying potential risks, assessing mitigation measures, and ensuring that third-party relationships align with FWD's security policies and regulatory requirements.

Responsibilities

• Conduct comprehensive risk assessments of third-party vendors and partners.
• Evaluate vendors' security policies, procedures, and controls to ensure they meet FWD's standards.
• Identify potential risks associated with third-party relationships and recommend appropriate mitigation measures.
• Collaborate with internal stakeholders to gather necessary information and ensure a thorough assessment process.
• Maintain up-to-date records of third-party risk assessments and findings.
• Provide detailed reports and risk ratings for third-party vendors.
• Assist in the development and improvement of third-party risk management policies and procedures.
• Monitor and track remediation efforts by third parties to address identified risks.
• Stay current with industry best practices, regulatory requirements, and emerging threats related to third-party risk management.

Required Skills

• Bachelor’s degree in Information Security, Risk Management, Business Administration, or a related field.
• 3 or more years of experience in third-party risk assessment, vendor management, or a related area.
• Strong understanding of information security principles, risk management frameworks, and regulatory requirements (e.g., GDPR, CCPA, PCI-DSS).
• Experience with risk assessment methodologies and tools.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with internal and external stakeholders.
• Detail-oriented with strong organizational skills.
• Relevant certifications (e.g., CISA, CISM, CISSP, CRISC) are a plus.

Required Qualification

• Experience working in the financial industry.
• Familiarity with third-party risk management software and platforms.
• Ability to manage multiple assessments simultaneously and meet deadlines.

Apply Now

Name *

Email *

Phone * +91

• United States +1
• United Kingdom +44
• Afghanistan (افغانستان) +93
• Albania (Shqipëri) +355
• Algeria (الجزائر) +213
• American Samoa +1
• Andorra +376
• Angola +244
• Anguilla +1
• Antigua and Barbuda +1
• Argentina +54
• Armenia (Հայաստան) +374
• Aruba +297
• Ascension Island +247
• Australia +61
• Austria (Österreich) +43
• Azerbaijan (Azərbaycan) +994
• Bahamas +1
• Bahrain (البحرين) +973
• Bangladesh (বাংলাদেশ) +880
• Barbados +1
• Belarus (Беларусь) +375
• Belgium (België) +32
• Belize +501
• Benin (Bénin) +229
• Bermuda +1
• Bhutan (འབྲུག) +975
• Bolivia +591
• Bosnia and Herzegovina (Босна и Херцеговина) +387
• Botswana +267
• Brazil (Brasil) +55
• British Indian Ocean Territory +246
• British Virgin Islands +1
• Brunei +673
• Bulgaria (България) +359
• Burkina Faso +226
• Burundi (Uburundi) +257
• Cambodia (កម្ពុជា) +855
• Cameroon (Cameroun) +237
• Canada +1
• Cape Verde (Kabu Verdi) +238
• Caribbean Netherlands +599
• Cayman Islands +1
• Central African Republic (République centrafricaine) +236
• Chad (Tchad) +235
• Chile +56
• China (中国) +86
• Christmas Island +61
• Cocos (Keeling) Islands +61
• Colombia +57
• Comoros (جزر القمر) +269
• Congo (DRC) (Jamhuri ya Kidemokrasia ya Kongo) +243
• Congo (Republic) (Congo-Brazzaville) +242
• Cook Islands +682
• Costa Rica +506
• Côte d’Ivoire +225
• Croatia (Hrvatska) +385
• Cuba +53
• Curaçao +599
• Cyprus (Κύπρος) +357
• Czech Republic (Česká republika) +420
• Denmark (Danmark) +45
• Djibouti +253
• Dominica +1
• Dominican Republic (República Dominicana) +1
• Ecuador +593
• Egypt (مصر) +20
• El Salvador +503
• Equatorial Guinea (Guinea Ecuatorial) +240
• Eritrea +291
• Estonia (Eesti) +372
• Eswatini +268
• Ethiopia +251
• Falkland Islands (Islas Malvinas) +500
• Faroe Islands (Føroyar) +298
• Fiji +679
• Finland (Suomi) +358
• France +33
• French Guiana (Guyane française) +594
• French Polynesia (Polynésie française) +689
• Gabon +241
• Gambia +220
• Georgia (საქართველო) +995
• Germany (Deutschland) +49
• Ghana (Gaana) +233
• Gibraltar +350
• Greece (Ελλάδα) +30
• Greenland (Kalaallit Nunaat) +299
• Grenada +1
• Guadeloupe +590
• Guam +1
• Guatemala +502
• Guernsey +44
• Guinea (Guinée) +224
• Guinea-Bissau (Guiné Bissau) +245
• Guyana +592
• Haiti +509
• Honduras +504
• Hong Kong (香港) +852
• Hungary (Magyarország) +36
• Iceland (Ísland) +354
• India (भारत) +91
• Indonesia +62
• Iran (ایران) +98
• Iraq (العراق) +964
• Ireland +353
• Isle of Man +44
• Israel (ישראל) +972
• Italy (Italia) +39
• Jamaica +1
• Japan (日本) +81
• Jersey +44
• Jordan (الأردن) +962
• Kazakhstan (Казахстан) +7
• Kenya +254
• Kiribati +686
• Kosovo +383
• Kuwait (الكويت) +965
• Kyrgyzstan (Кыргызстан) +996
• Laos (ລາວ) +856
• Latvia (Latvija) +371
• Lebanon (لبنان) +961
• Lesotho +266
• Liberia +231
• Libya (ليبيا) +218
• Liechtenstein +423
• Lithuania (Lietuva) +370
• Luxembourg +352
• Macau (澳門) +853
• Macedonia (FYROM) (Македонија) +389
• Madagascar (Madagasikara) +261
• Malawi +265
• Malaysia +60
• Maldives +960
• Mali +223
• Malta +356
• Marshall Islands +692
• Martinique +596
• Mauritania (موريتانيا) +222
• Mauritius (Moris) +230
• Mayotte +262
• Mexico (México) +52
• Micronesia +691
• Moldova (Republica Moldova) +373
• Monaco +377
• Mongolia (Монгол) +976
• Montenegro (Crna Gora) +382
• Montserrat +1
• Morocco (المغرب) +212
• Mozambique (Moçambique) +258
• Myanmar (Burma) (မြန်မာ) +95
• Namibia (Namibië) +264
• Nauru +674
• Nepal (नेपाल) +977
• Netherlands (Nederland) +31
• New Caledonia (Nouvelle-Calédonie) +687
• New Zealand +64
• Nicaragua +505
• Niger (Nijar) +227
• Nigeria +234
• Niue +683
• Norfolk Island +672
• North Korea (조선 민주주의 인민 공화국) +850
• Northern Mariana Islands +1
• Norway (Norge) +47
• Oman (عُمان) +968
• Pakistan (پاکستان) +92
• Palau +680
• Palestine (فلسطين) +970
• Panama (Panamá) +507
• Papua New Guinea +675
• Paraguay +595
• Peru (Perú) +51
• Philippines +63
• Poland (Polska) +48
• Portugal +351
• Puerto Rico +1
• Qatar (قطر) +974
• Réunion (La Réunion) +262
• Romania (România) +40
• Russia (Россия) +7
• Rwanda +250
• Saint Barthélemy +590
• Saint Helena +290
• Saint Kitts and Nevis +1
• Saint Lucia +1
• Saint Martin (Saint-Martin (partie française)) +590
• Saint Pierre and Miquelon (Saint-Pierre-et-Miquelon) +508
• Saint Vincent and the Grenadines +1
• Samoa +685
• San Marino +378
• São Tomé and Príncipe (São Tomé e Príncipe) +239
• Saudi Arabia (المملكة العربية السعودية) +966
• Senegal (Sénégal) +221
• Serbia (Србија) +381
• Seychelles +248
• Sierra Leone +232
• Singapore +65
• Sint Maarten +1
• Slovakia (Slovensko) +421
• Slovenia (Slovenija) +386
• Solomon Islands +677
• Somalia (Soomaaliya) +252
• South Africa +27
• South Korea (대한민국) +82
• South Sudan (جنوب السودان) +211
• Spain (España) +34
• Sri Lanka (ශ්රී ලංකාව) +94
• Sudan (السودان) +249
• Suriname +597
• Svalbard and Jan Mayen +47
• Sweden (Sverige) +46
• Switzerland (Schweiz) +41
• Syria (سوريا) +963
• Taiwan (台灣) +886
• Tajikistan +992
• Tanzania +255
• Thailand (ไทย) +66
• Timor-Leste +670
• Togo +228
• Tokelau +690
• Tonga +676
• Trinidad and Tobago +1
• Tunisia (تونس) +216
• Turkey (Türkiye) +90
• Turkmenistan +993
• Turks and Caicos Islands +1
• Tuvalu +688
• U.S. Virgin Islands +1
• Uganda +256
• Ukraine (Україна) +380
• United Arab Emirates (الإمارات العربية المتحدة) +971
• United Kingdom +44
• United States +1
• Uruguay +598
• Uzbekistan (Oʻzbekiston) +998
• Vanuatu +678
• Vatican City (Città del Vaticano) +39
• Venezuela +58
• Vietnam (Việt Nam) +84
• Wallis and Futuna (Wallis-et-Futuna) +681
• Western Sahara (الصحراء الغربية) +212
• Yemen (اليمن) +967
• Zambia +260
• Zimbabwe +263
• Åland Islands +358

#J-18808-Ljbffr

The Contractor - Third Party Risk Assessment Analyst will be responsible for evaluating the security and compliance posture of third-party vendors and partners. This role involves identifying potential risks, assessing mitigation measures, and ensuring that third-party relationships align with FWD's security policies and regulatory requirements. Responsibilities

Conduct comprehensive risk assessments of third-party vendors and partners. Evaluate vendors' security policies, procedures, and controls to ensure they meet FWD's standards. Identify potential risks associated with third-party relationships and recommend appropriate mitigation measures. Collaborate with internal stakeholders to gather necessary information and ensure a thorough assessment process. Maintain up-to-date records of third-party risk assessments and findings. Provide detailed reports and risk ratings for third-party vendors. Assist in the development and improvement of third-party risk management policies and procedures. Monitor and track remediation efforts by third parties to address identified risks. Stay current with industry best practices, regulatory requirements, and emerging threats related to third-party risk management. Required Skills

Bachelor’s degree in Information Security, Risk Management, Business Administration, or a related field. 3 or more years of experience in third-party risk assessment, vendor management, or a related area. Strong understanding of information security principles, risk management frameworks, and regulatory requirements (e.g., GDPR, CCPA, PCI-DSS). Experience with risk assessment methodologies and tools. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills, with the ability to collaborate effectively with internal and external stakeholders. Detail-oriented with strong organizational skills. Relevant certifications (e.g., CISA, CISM, CISSP, CRISC) are a plus. Required Qualification

Experience working in the financial industry. Familiarity with third-party risk management software and platforms. Ability to manage multiple assessments simultaneously and meet deadlines. Apply Now

Name

* Email

* Phone

*

+91

United States

+1 United Kingdom

+44 Afghanistan (افغانستان)

+93 Albania (Shqipëri)

+355 Algeria (الجزائر)

+213 American Samoa

+1 Andorra

+376 Angola

+244 Anguilla

+1 Antigua and Barbuda

+1 Argentina

+54 Armenia (Հայաստան)

+374 Aruba

+297 Ascension Island

+247 Australia

+61 Austria (Österreich)

+43 Azerbaijan (Azərbaycan)

+994 Bahamas

+1 Bahrain (البحرين)

+973 Bangladesh (বাংলাদেশ)

+880 Barbados

+1 Belarus (Беларусь)

+375 Belgium (België)

+32 Belize

+501 Benin (Bénin)

+229 Bermuda

+1 Bhutan (འབྲུག)

+975 Bolivia

+591 Bosnia and Herzegovina (Босна и Херцеговина)

+387 Botswana

+267 Brazil (Brasil)

+55 British Indian Ocean Territory

+246 British Virgin Islands

+1 Brunei

+673 Bulgaria (България)

+359 Burkina Faso

+226 Burundi (Uburundi)

+257 Cambodia (កម្ពុជា)

+855 Cameroon (Cameroun)

+237 Canada

+1 Cape Verde (Kabu Verdi)

+238 Caribbean Netherlands

+599 Cayman Islands

+1 Central African Republic (République centrafricaine)

+236 Chad (Tchad)

+235 Chile

+56 China (中国)

+86 Christmas Island

+61 Cocos (Keeling) Islands

+61 Colombia

+57 Comoros (جزر القمر)

+269 Congo (DRC) (Jamhuri ya Kidemokrasia ya Kongo)

+243 Congo (Republic) (Congo-Brazzaville)

+242 Cook Islands

+682 Costa Rica

+506 Côte d’Ivoire

+225 Croatia (Hrvatska)

+385 Cuba

+53 Curaçao

+599 Cyprus (Κύπρος)

+357 Czech Republic (Česká republika)

+420 Denmark (Danmark)

+45 Djibouti

+253 Dominica

+1 Dominican Republic (República Dominicana)

+1 Ecuador

+593 Egypt (مصر)

+20 El Salvador

+503 Equatorial Guinea (Guinea Ecuatorial)

+240 Eritrea

+291 Estonia (Eesti)

+372 Eswatini

+268 Ethiopia

+251 Falkland Islands (Islas Malvinas)

+500 Faroe Islands (Føroyar)

+298 Fiji

+679 Finland (Suomi)

+358 France

+33 French Guiana (Guyane française)

+594 French Polynesia (Polynésie française)

+689 Gabon

+241 Gambia

+220 Georgia (საქართველო)

+995 Germany (Deutschland)

+49 Ghana (Gaana)

+233 Gibraltar

+350 Greece (Ελλάδα)

+30 Greenland (Kalaallit Nunaat)

+299 Grenada

+1 Guadeloupe

+590 Guam

+1 Guatemala

+502 Guernsey

+44 Guinea (Guinée)

+224 Guinea-Bissau (Guiné Bissau)

+245 Guyana

+592 Haiti

+509 Honduras

+504 Hong Kong (香港)

+852 Hungary (Magyarország)

+36 Iceland (Ísland)

+354 India (भारत)

+91 Indonesia

+62 Iran (ایران)

+98 Iraq (العراق)

+964 Ireland

+353 Isle of Man

+44 Israel (ישראל)

+972 Italy (Italia)

+39 Jamaica

+1 Japan (日本)

+81 Jersey

+44 Jordan (الأردن)

+962 Kazakhstan (Казахстан)

+7 Kenya

+254 Kiribati

+686 Kosovo

+383 Kuwait (الكويت)

+965 Kyrgyzstan (Кыргызстан)

+996 Laos (ລາວ)

+856 Latvia (Latvija)

+371 Lebanon (لبنان)

+961 Lesotho

+266 Liberia

+231 Libya (ليبيا)

+218 Liechtenstein

+423 Lithuania (Lietuva)

+370 Luxembourg

+352 Macau (澳門)

+853 Macedonia (FYROM) (Македонија)

+389 Madagascar (Madagasikara)

+261 Malawi

+265 Malaysia

+60 Maldives

+960 Mali

+223 Malta

+356 Marshall Islands

+692 Martinique

+596 Mauritania (موريتانيا)

+222 Mauritius (Moris)

+230 Mayotte

+262 Mexico (México)

+52 Micronesia

+691 Moldova (Republica Moldova)

+373 Monaco

+377 Mongolia (Монгол)

+976 Montenegro (Crna Gora)

+382 Montserrat

+1 Morocco (المغرب)

+212 Mozambique (Moçambique)

+258 Myanmar (Burma) (မြန်မာ)

+95 Namibia (Namibië)

+264 Nauru

+674 Nepal (नेपाल)

+977 Netherlands (Nederland)

+31 New Caledonia (Nouvelle-Calédonie)

+687 New Zealand

+64 Nicaragua

+505 Niger (Nijar)

+227 Nigeria

+234 Niue

+683 Norfolk Island

+672 North Korea (조선 민주주의 인민 공화국)

+850 Northern Mariana Islands

+1 Norway (Norge)

+47 Oman (عُمان)

+968 Pakistan (پاکستان)

+92 Palau

+680 Palestine (فلسطين)

+970 Panama (Panamá)

+507 Papua New Guinea

+675 Paraguay

+595 Peru (Perú)

+51 Philippines

+63 Poland (Polska)

+48 Portugal

+351 Puerto Rico

+1 Qatar (قطر)

+974 Réunion (La Réunion)

+262 Romania (România)

+40 Russia (Россия)

+7 Rwanda

+250 Saint Barthélemy

+590 Saint Helena

+290 Saint Kitts and Nevis

+1 Saint Lucia

+1 Saint Martin (Saint-Martin (partie française))

+590 Saint Pierre and Miquelon (Saint-Pierre-et-Miquelon)

+508 Saint Vincent and the Grenadines

+1 Samoa

+685 San Marino

+378 São Tomé and Príncipe (São Tomé e Príncipe)

+239 Saudi Arabia (المملكة العربية السعودية)

+966 Senegal (Sénégal)

+221 Serbia (Србија)

+381 Seychelles

+248 Sierra Leone

+232 Singapore

+65 Sint Maarten

+1 Slovakia (Slovensko)

+421 Slovenia (Slovenija)

+386 Solomon Islands

+677 Somalia (Soomaaliya)

+252 South Africa

+27 South Korea (대한민국)

+82 South Sudan (جنوب السودان)

+211 Spain (España)

+34 Sri Lanka (ශ්රී ලංකාව)

+94 Sudan (السودان)

+249 Suriname

+597 Svalbard and Jan Mayen

+47 Sweden (Sverige)

+46 Switzerland (Schweiz)

+41 Syria (سوريا)

+963 Taiwan (台灣)

+886 Tajikistan

+992 Tanzania

+255 Thailand (ไทย)

+66 Timor-Leste

+670 Togo

+228 Tokelau

+690 Tonga

+676 Trinidad and Tobago

+1 Tunisia (تونس)

+216 Turkey (Türkiye)

+90 Turkmenistan

+993 Turks and Caicos Islands

+1 Tuvalu

+688 U.S. Virgin Islands

+1 Uganda

+256 Ukraine (Україна)

+380 United Arab Emirates (الإمارات العربية المتحدة)

+971 United Kingdom

+44 United States

+1 Uruguay

+598 Uzbekistan (Oʻzbekiston)

+998 Vanuatu

+678 Vatican City (Città del Vaticano)

+39 Venezuela

+58 Vietnam (Việt Nam)

+84 Wallis and Futuna (Wallis-et-Futuna)

+681 Western Sahara (الصحراء الغربية)

+212 Yemen (اليمن)

+967 Zambia

+260 Zimbabwe

+263 Åland Islands

+358

#J-18808-Ljbffr

Associate Director Risk Assessment Monitoring and Insight, Risk

Join to apply for the Associate Director Risk Assessment Monitoring and Insight, Risk role at Standard Chartered

Associate Director Risk Assessment Monitoring and Insight, Risk

2 months ago Be among the first 25 applicants

Join to apply for the Associate Director Risk Assessment Monitoring and Insight, Risk role at Standard Chartered

Job Summary

This role reflects our commitment to more than just profitability—it's about living our values and upholding our brand promise, Here for Good. The Managed Services team, established to support Group Risk and CFCR, centralizes the production and risk management activities in a service hub. This allows teams to make risk-reward decisions based on judgment and expertise, influence business and regulatory outcomes and oversee strategic risk and compliance programs, such as Fit for Growth (FFG) and the Controls Simplification Programme

Job Summary

This role reflects our commitment to more than just profitability—it's about living our values and upholding our brand promise, Here for Good. The Managed Services team, established to support Group Risk and CFCR, centralizes the production and risk management activities in a service hub. This allows teams to make risk-reward decisions based on judgment and expertise, influence business and regulatory outcomes and oversee strategic risk and compliance programs, such as Fit for Growth (FFG) and the Controls Simplification Programme

This is a global support role, covering SCB's presence across Asia, Africa, the Middle East, Europe, and the Americas, and spans multiple business lines such as Retail Banking, Private Banking, Wealth Management, Transaction Banking, and Financial Markets.

Key Responsibilities

• Risk Assessment: support the performance of both inherent and residual risk assessments (regular, dynamic and targeted).
• Control Monitoring: Support the control design effectiveness assessment, and dynamically monitor risk and controls.
• Change Risk: Assess and manage risks associated with change initiatives.
• Issue & Event Management: Support in the management of issues and events, escalate as needed, and ensure timely reporting.
• Risk Insights: Provide actionable risk insights to business stakeholders.
• Data Quality: Identify and remediate data quality issues, including administration, reporting and ownership of resolution. Ensure data models are up to date and accurate.
• Horizon Scanning: support horizon scanning product and related Knowledge Management System
• FFG Programme: support the overall embedding and transitioning of new technology solutions (e.g. AI capabilities) into various risk processes.
• Governance: document processes and procedures to ensure transition of services to the Managed Service team are accurate, up to date and centrally stored and available.
• Help build world-class risk and compliance capabilities, fostering a risk-aware and client-focused environment for the bank’s next phase of growth.
• Deliver simplified, standardized, and digitized solutions that meet compliance obligations while providing insights to the 1st Line of Defence (1LoD) for better decision-making.
• Execution of risk assessment, monitoring and insight processes.
• Enhance and simplify controls related to OTCR (Operational, Technology, and Cyber Risk), where appropriate.
• Capture lessons learnt and refine tooling and processes improvements.
• Identify insights, analyse, and assess OTCR risks and implementing control frameworks to manage these risks.
• Development of basic MI to support Coverage and SME actions (i.e., trends).
• Conduct deep dives into material, emerging, or unknown risks to enable appropriate risk mitigation.
• Manage issues as they arise, performing root cause analysis, lessons learned, and remediation efforts.
• Address data quality issues and ensure data models are up to date and accurate, notably those that are related to implemented AI use cases and capabilities.
• Maintain Knowledge Management Systems that enable and support risk products and microservices.
• Implement a risk-based compliance framework for managing OTCR risks.
• Recommend risk assessment standards across OTCR risk types, ensuring compliance with all relevant regulations.
• Escalate potential OTCR risks to management.
• Support the end-to-end lifecycle of audit, assurance, and regulatory reviews related to Professional Services, including tracking and remediation.
  
  

Skills And Experience

Overall Working Experience:

• Overall experience in Banking or Financial Institution or Regulator or Fintech or equivalent industry
  
  

Business & Contextual Experience in at least one of the below:

• Retail Banking
• Wealth Management
• Private Banking
• Transaction Banking – Trade
• Transaction Banking – Cash Management
• Markets (e.g., Sales & Trading, Global Credit Markets, Private Side)
  
  

Domain And Functional Experience In One Of The Below

• OTCR – Operational, Technology and Cyber Risk
• Conduct & Compliance Risks
• Data Risk
• Conflict of Interest
• Non-Financial Regulatory Reporting
• Regulatory Conduct
• Market Conduct
• Client Conduct
• Financial Crime Risks
• Anti-Money Laundering
• Anti-Bribery & Corruption
• Sanctions
• Fraud (Internal and External)
• Experience in Business or Product or Operations Risk Management with exposure to Conduct or Compliance or Financial Crime or Control Oversight in a front or first-line role, and/or
  
  

Other Experience

• Well versed with tools and techniques of analysing potential risk exposures
• Understanding of effective communication skills.
• Understanding of best practice risk assessment techniques and risk management frameworks.
• Understanding of the key features of relevant laws and regulations relevant to the Group
• Sound judgement on business practices, regulatory relationship management and reputational risk,
• Ability to balance both detail oriented and big picture perspectives.
• Ability to collaborate and work dynamically across functions.
  
  

Key stakeholders*

• Global Compliance Officers covering Business or Products or Client Segments or Clusters, and their respective team.
• Chief Country Compliance Officers covering Countries, and their respective team.
• Global Product Owners covering respective CFCC & Risk products.
• Global and Country Business Heads
• Global and Country Business Risk Management
• Global and Country Process Leads
• Chief Data Officer and teams involved in developing Data analytical products.
• Global Head Technology involved in developing technology solutions and regulatory technology products.
• Audit & Assurance teams
  
  

Qualifications

• We value your practical and hands-on experience in the above domains .
• Any industry certifications in the Risk & CFCR domains are most welcome (e.g., IRM, CISSP, ACAMS, ICA).
• Any industry certifications in the Business or Product domain are most welcome
  
  

About Standard Chartered

We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.

Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.

Together We

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term
  
  

What We Offer

In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Finance and Sales
• Industries Banking

Referrals increase your chances of interviewing at Standard Chartered by 2x

Sign in to set job alerts for “Risk Director” roles.

Federal Territory of Kuala Lumpur, Malaysia 2 days ago

Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago

Head, Third-Party Risk Management (TPRM) and Outsourcing

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 day ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 months ago

Head, Business Risk & Compliance Management

WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 3 months ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 3 months ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago

Federal Territory of Kuala Lumpur, Malaysia 1 week ago

Petaling Jaya, Selangor, Malaysia 2 days ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 days ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 3 days ago

WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 4 months ago

WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 5 months ago

Legal Associate Director, FinTech & Payments (Bangkok-based, Relocation Provided)

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 hours ago

Deputy Manager | Risk Management Advisory (Technology Risk)

Kota Damansara, Selangor, Malaysia 3 weeks ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 month ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 3 weeks ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 year ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 year ago

Manager, Risk Management (Technology Risk)

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 11 months ago

Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 23 minutes ago

Bangsar South, Federal Territory of Kuala Lumpur, Malaysia 3 months ago

Manager, Risk & Compliance - Group Business & Transaction Banking

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 month ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 3 weeks ago

Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago

Senior Group Manager, Technology Risk Management

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 3 days ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 3 months ago

Manager - Governance, Risk & Compliance - TRC (Petaling Jaya)

Petaling Jaya, Selangor, Malaysia 3 hours ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Joining Razer will place you on a global mission to revolutionize the way the world games. Razer is a place to do great work , offering you the opportunity to make an impact globally while working across a global team located across 5 continents. Razer is also a great place to work, providing you the unique, gamer-centric #LifeAtRazer experience that will put you in an accelerated growth, both personally and professionally.

Job Responsibilities : We are looking for a skilled and analytical Information Security Analyst to join our team. In this role, you’ll be at the forefront of protecting our systems by identifying vulnerabilities, responding to threats, and continuously improving our security posture.

This position offers valuable hands-on experience in cybersecurity. If you're eager to learn and build a career in this field, we encourage you to apply.

Essential Duties and Responsibilities

• Conduct vulnerability assessments and provide actionable remediation plans
• Perform penetration testing on networks, applications, and infrastructure.
• Review and optimize firewall rules and configurations.
• Monitor, analyze, and respond to security events and incidents, ensuring timely resolution and root cause analysis
• Investigate and respond to security incidents in a timely manner.
• Review and validate bug bounty submissions, coordinating with researchers and internal teams.
• Collaborate with IT, DevOps, and compliance teams to implement security best practices.
• Collaborate closely with business units to provide expert support and guidance on information security matters.
• Champion security awareness initiatives within the business, promoting a culture of security consciousness and best practices.
• Perform ad hoc tasks that are assigned by team leader or team manager.

Requirements

• Candidate must possess at least a Bachelor's Degree, Post Graduate Diploma, Professional Degree, Computer Science/Information Technology/Security or equivalent. (candidates with relative levels of related experience will be considered).
• At least 3-5 years of hands-on working experience in cybersecurity, ethical hacking or information/IT security is required for this position.
• Possession of industry-relevant certifications such as CompTIA Security+, CEH, OSCP, or similar will be advantageous.
• For lead roles, experience in people management, ability to lead and influence people is expected.
• Hands-on experience with tools such as Burp Suite, Metasploit, Nessus, Qualys, Splunk, and SIEM platforms.
• Strong understanding of network protocols, web application security, and threat detection.
• Knowledge of AWS Cloud Computing services and experience with Linux servers is essential.
• Independent with excellent analytical skills, a problem-solving attitude, and the ability to work well in a team environment.
• Applicants must be willing to work in ICITY SHAH ALAM.

Are you game?

Pre-Requisites :

Are you game?

#J-18808-Ljbffr

Join to apply for the Information Security Analyst role at Razer Inc.

Join to apply for the Information Security Analyst role at Razer Inc.

Get AI-powered advice on this job and more exclusive features.

Joining Razer will place you on a global mission to revolutionize the way the world games. Razer is a place to do great work , offering you the opportunity to make an impact globally while working across a global team located across 5 continents. Razer is also a great place to work, providing you the unique, gamer-centric experience that will put you in an accelerated growth, both personally and professionally.

Job Responsibilities

We are looking for a skilled and analytical Information Security Analyst to join our team. In this role, you’ll be at the forefront of protecting our systems by identifying vulnerabilities, responding to threats, and continuously improving our security posture.

This position offers valuable hands-on experience in cybersecurity. If you're eager to learn and build a career in this field, we encourage you to apply.

Essential Duties And Responsibilities

• Conduct vulnerability assessments and provide actionable remediation plans
• Perform penetration testing on networks, applications, and infrastructure.
• Review and optimize firewall rules and configurations.
• Monitor, analyze, and respond to security events and incidents, ensuring timely resolution and root cause analysis
• Investigate and respond to security incidents in a timely manner.
• Review and validate bug bounty submissions, coordinating with researchers and internal teams.
• Collaborate with IT, DevOps, and compliance teams to implement security best practices.
• Collaborate closely with business units to provide expert support and guidance on information security matters.
• Champion security awareness initiatives within the business, promoting a culture of security consciousness and best practices.
• Perform ad hoc tasks that are assigned by team leader or team manager.
  
  
  

Requirements

• Candidate must possess at least a Bachelor's Degree, Post Graduate Diploma, Professional Degree, Computer Science/Information Technology/Security or equivalent. (candidates with relative levels of related experience will be considered).
• At least 3-5 years of hands-on working experience in cybersecurity, ethical hacking or information/IT security is required for this position.
• Possession of industry-relevant certifications such as CompTIA Security+, CEH, OSCP, or similar will be advantageous.
• For lead roles, experience in people management, ability to lead and influence people is expected.
• Hands-on experience with tools such as Burp Suite, Metasploit, Nessus, Qualys, Splunk, and SIEM platforms.
• Strong understanding of network protocols, web application security, and threat detection.
• Knowledge of AWS Cloud Computing services and experience with Linux servers is essential.
• Independent with excellent analytical skills, a problem-solving attitude, and the ability to work well in a team environment.
• Applicants must be willing to work in ICITY SHAH ALAM.
  
  
  

Are you game?

Pre-Requisites

Are you game?

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Information Technology
• Industries Computers and Electronics Manufacturing

Referrals increase your chances of interviewing at Razer Inc. by 2x

Get notified about new Information Security Analyst jobs in Shah Alam, Selangor, Malaysia .

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 months ago

Petaling Jaya, Selangor, Malaysia 6 days ago

Petaling Jaya, Selangor, Malaysia 21 hours ago

(Senior) Cyber Security Consultant & Penetration Tester

WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 4 months ago

(TRC) Manager - Cyber Response (Petaling Jaya)

Kuala Lumpur City, Federal Territory of Kuala Lumpur, Malaysia 1 week ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago

Federal Territory of Kuala Lumpur, Malaysia 3 days ago

Federal Territory of Kuala Lumpur, Malaysia 4 days ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 4 months ago

Federal Territory of Kuala Lumpur, Malaysia 2 days ago

WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 3 weeks ago

Wilayah Persekutuan Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 days ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 4 days ago

WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago

Internship - Network & Information Security Engineer

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 4 months ago

Federal Territory of Kuala Lumpur, Malaysia 4 days ago

Security Operations & Governance Analyst (1 year Contract)

Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 4 months ago

Cyber Security Analyst (Governance, Risk & Compliance)

Federal Territory of Kuala Lumpur, Malaysia 1 week ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 month ago

Associate Manager - Security Compliance Analyst

Petaling Jaya, Selangor, Malaysia 1 month ago

Cyber Security (Digital Forensic Analyst) AVP, Data Security Engineer, Group Information Security

Federal Territory of Kuala Lumpur, Malaysia 4 days ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago

Senior Information Security Engineer (ISE)

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 month ago

Operational Technology (OT) Security Analyst Security Operations Analyst- APAC Blue Team Leader

Kuala Lumpur City, Federal Territory of Kuala Lumpur, Malaysia 1 week ago

Associate Manager - Security Compliance Analyst

Petaling Jaya, Selangor, Malaysia 2 days ago

Kuala Lumpur City, Federal Territory of Kuala Lumpur, Malaysia 1 year ago

(Senior) Security Engineer, Security Engineering & Threat Intelligence

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago

Cyber Security Metrics and Behavioural Analyst

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago

Federal Territory of Kuala Lumpur, Malaysia 4 days ago

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago

Petaling Jaya, Selangor, Malaysia 7 months ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

List of Responsibilities:

• Ongoing leadership and review of IT security

• Implementing and designing cyber security policies, procedures and system solutions in line with industry standards and certifications

• Operate, conduct, and maintain DUG’s SIEM platform and conduct regular security audits of systems, policies, procedures, network configuration, operating systems, authentication systems, permission structures

• Serve as the DUG point person for third-party security audit(s)

• Provide pre-sales security briefings / Q&A to DUG HPC Cloud customer security teams

• Work with DUG HPC Cloud customers and DUG teams on security integration

• Provide strategic-level guidance for DUG’s cyber security program and ensure compliance with cyber security policy, standards, regulations and legislation, working with the senior executives within DUG.

• Ensure the alignment of cyber security and business objectives within DUG. To achieve this, you will facilitate communication between cyber security and business stakeholders. This includes translating cyber security concepts and language into business concepts and language as well as ensuring that business teams consult with cyber security teams to determine appropriate security measures when planning new business projects. Additionally, you will be responsible for the development of the strategic-level cyber security program, being best placed to advise projects on the strategic direction of cyber security.

• Contribute to the development and maintenance of DUG’s business continuity and disaster recovery plans, with the aim to improve business resilience and ensure the continued operation of critical business processes

• Report on the DUG’s security risk profile, the status of key systems and any outstanding security risks, any planned cyber security uplift activities, any recent cyber security incidents, and expected returns on cyber security investments

• Oversee DUG’s response to cyber security incidents, including how internal teams respond and communicate with each other during an incident

• Ensure that a consistent vendor management process is applied across their organisation, from discovery through to ongoing management

#J-18808-Ljbffr

List of Responsibilities:

• Ongoing leadership and review of IT security

• Implementing and designing cyber security policies, procedures and system solutions in line with industry standards and certifications

• Operate, conduct, and maintain DUG’s SIEM platform and conduct regular security audits of systems, policies, procedures, network configuration, operating systems, authentication systems, permission structures

• Serve as the DUG point person for third-party security audit(s)

• Provide pre-sales security briefings / Q&A to DUG HPC Cloud customer security teams

• Work with DUG HPC Cloud customers and DUG teams on security integration

• Provide strategic-level guidance for DUG’s cyber security program and ensure compliance with cyber security policy, standards, regulations and legislation, working with the senior executives within DUG.

• Ensure the alignment of cyber security and business objectives within DUG. To achieve this, you will facilitate communication between cyber security and business stakeholders. This includes translating cyber security concepts and language into business concepts and language as well as ensuring that business teams consult with cyber security teams to determine appropriate security measures when planning new business projects. Additionally, you will be responsible for the development of the strategic-level cyber security program, being best placed to advise projects on the strategic direction of cyber security.

• Contribute to the development and maintenance of DUG’s business continuity and disaster recovery plans, with the aim to improve business resilience and ensure the continued operation of critical business processes

• Report on the DUG’s security risk profile, the status of key systems and any outstanding security risks, any planned cyber security uplift activities, any recent cyber security incidents, and expected returns on cyber security investments

• Oversee DUG’s response to cyber security incidents, including how internal teams respond and communicate with each other during an incident

• Ensure that a consistent vendor management process is applied across their organisation, from discovery through to ongoing management

#J-18808-Ljbffr

We are looking for an experienced Information Security Officer to design and enforce policies and procedures that protect our organization's computing infrastructure from all forms of security breaches. To be successful as an information security officer, you should have good analytical skills and knowledge of the best practices to prevent a wide range of security threats. You should also be an excellent communicator, able to train and educate our staff in various information security topics.

If you are passionate about IT security and want to work with a dynamic team of professionals, we encourage you to apply for this exciting opportunity. We offer competitive salaries and benefits packages, as well as opportunities for professional growth and development.

Key Activities :

1. Developing and implementing IT security policies, procedures, and standards
2. Identifying potential security risks and vulnerabilities and taking appropriate action to mitigate them
3. Conducting regular security assessments to identify weaknesses in our systems and processes
4. Developing and implementing security incident response plans
5. Managing and monitoring security systems, including firewalls, intrusion detection/prevention systems, and anti-virus software
6. Conducting regular security training for employees to ensure they are aware of the latest security threats and how to respond to them
7. Investigating security incidents and breaches and taking appropriate action to prevent them from happening again
8. Staying up to date with the latest security technologies and trends

Formal Education :

Degree in computer science or a technology-related field.

Specialist Knowledge :

Minimum 3 years of experience as an ISO or in a similar information security role.

Detailed Requirements for each career level (each Functional Level separately)

1. Solid knowledge of global information security standards (e.g. NIST, ISO 27001), best practices and requirements from major regulators in the financial sector (e.g. MAS, BaFin)
2. Solid knowledge of data protection standards (e.g. NIST, GDPR)
3. Excellent problem-solving and analytical skills.
4. Ability to educate a non-technical audience about various security measures.
5. Effective verbal and written communication skills
6. Candidates with professional certifications such as CISA, CISM, CRISC, CISSP and other Cyber Security certifications are preferred.

Seniority level

Mid-Senior level

Employment type

Full-time

Job function

Management, Business Development, and Information Technology

Industries

Banking

#J-18808-Ljbffr