ASSISTANT IT COMPLIANCE MANAGER

Posted 2 months ago

POSITION : ASSISTANT MANAGER

Job Summary :

As an Assistant IT Compliance Manager, you will play a critical role in ensuring that our organization adheres to IT compliance standards while enhancing our overall security and risk management practices. You will work closely with the IT Compliance Manager and other stakeholders to achieve these objectives.

Key Responsibility :

1. Quarterly Reviews and Process Updates

  • Organize and plan quarterly reviews of IT-related processes and documentation.
  • Identify areas for improvement and ensure that all IT processes align with current best practices.
  • Collaborate with cross-functional teams to implement necessary updates and improvements.

2. Audit Documentation Management

  • Manage, control, and validate all audit documentation to support annual audits, including ISMS, Internal Audit, and external audits conducted by Deloitte.
  • Review and update audit documentation to ensure accuracy and compliance with audit requirements.

3. Cyber Threat & Crisis Management

  • Develop and implement a comprehensive Cyber Threat and Crisis Management Plan.
  • Identify potential cyber threats and establish crisis management protocols.
  • Lead crisis response efforts in the event of a cybersecurity incident.

4. Risk Mitigation

  • Provide options and solutions for risk mitigation.
  • Collaborate with relevant teams to implement the Risk Mitigation Plan effectively.
  • Monitor progress and ensure that identified risks are addressed.

5. Management Updates and Disaster Recovery

  • Prepare regular updates for senior management on IT compliance matters.
  • Oversee IT Audit and Disaster Recovery functions to ensure preparedness and resilience.

6. ISO Implementation for Compliance Uplift

  • Research and implement new ISO standards to elevate compliance standards across the organization, not limited to IT.
  • Ensure that ISO standards are integrated into relevant processes.

7. Security Awareness Overseeing

  • Oversee the implementation of organization-wide security awareness programs.
  • Educate employees on cybersecurity best practices and promote a security-conscious culture.

8. Compliance Campaigns and SOP Integration

  • Create and lead compliance campaigns.
  • Collaborate with departmental section leads to integrate compliance best practices into Standard Operating Procedures (SOPs) and processes.

Requirements :

  • A bachelor’s degree in a relevant field such as Information Technology, Computer Science, Cybersecurity, or Business Administration is typically required. Some organizations may prefer candidates with a master’s degree or relevant certifications.
  • Professional certifications related to IT compliance and cybersecurity are highly valuable. Examples include Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), and ISO 27001 Lead Auditor/Implementer.
  • A strong understanding of IT compliance standards and frameworks such as ISO 27001, NIST Cybersecurity Framework, GDPR, HIPAA, and industry-specific regulations is essential.
  • Proficiency in risk assessment and mitigation strategies to identify and address potential vulnerabilities and threats.
  • Skills in managing audit documentation and facilitating successful audits. Attention to detail and documentation accuracy is crucial.
  • Ability to develop and implement crisis management plans to respond effectively to cybersecurity incidents and other crises.
  • Familiarity with IT systems, networks, and security technologies to assess compliance and security risks.
  • Strong communication skills to collaborate with cross-functional teams, communicate compliance requirements, and conduct security awareness programs.
  • Project management skills to plan and execute compliance initiatives, including quarterly reviews and ISO implementation.
  • The ability to analyze complex IT compliance issues, identify trends, and propose solutions.
  • Leadership skills to oversee compliance campaigns and work collaboratively with departmental leads.
  • A commitment to promoting a security-conscious culture within the organization.
  • Stay updated on relevant laws, regulations, and industry standards affecting IT compliance.
  • Strong problem-solving abilities to address compliance challenges and find innovative solutions.
  • The IT compliance landscape is constantly evolving; adaptability and a willingness to learn and stay current with industry trends are vital.
  • Ability to work effectively with cross-functional teams and communicate compliance requirements clearly to non-technical stakeholders.

Human Resources Department
Westports Malaysia Sdn Bhd
5th Floor, Tower Block, P.O. Box 266, Pulau Indah, 42009 Port Klang, Selangor Darul Ehsan
Tel: 03-3169 4000 Fax: 03-3169 4101

All applications will be treated strictly private and confidential.

  1. Only shortlisted candidates will be notified within 2 weeks (14 business days).
  2. Unsuccessful candidate’s application will be KIV for future opening.
  3. Kindly prepare the following documents prior to applying as these attachments are mandatory.
    • Profile Picture (jpeg, jpg and png file only)
    • School education certificate (jpeg, jpg and png file only)
    • Tertiary education certificate (jpeg, jpg and png file only)
    • Resume (pdf file only)