We are seeking a proactive and detail-oriented Cybersecurity Governance, Risk & Compliance (GRC) Analyst to join our Group Cybersecurity team. The candidate will play a key role in leading, implementing, and maintaining cybersecurity governance, risk, and compliance initiatives across Sunway Group and its Business Units. This includes ensuring alignment with regulatory frameworks such as the Securities Commission's Technology Risk Management Guidelines (SC TRMG) , ISO/IEC 27001:2022 , and other applicable industry standards. Key Responsibilities Lead and coordinate IT and cybersecurity compliance assessments across Sunway Business Units to evaluate the effectiveness of internal controls and identify areas for improvement. Develop and implement cybersecurity GRC strategies, frameworks, and processes in collaboration with Business Unit IT teams, Group Internal Audit, Risk & Compliance, and other stakeholders. Conduct risk assessments and evaluate control effectiveness for systems, applications, cloud platforms, and IT infrastructure to ensure alignment with policy and regulatory expectations. Identify, document, and manage IT/cybersecurity risks, including the creation of risk treatment plans, remediation tracking, and reporting. Maintain and monitor the cybersecurity risk register and ensure timely resolution of identified control gaps and risk exceptions. Provide advisory support during audits, regulatory inspections, and risk reviews, including the preparation of required documentation and evidence. Lead initiatives related to information security governance, such as policy development, standard operating procedures (SOPs), and control mappings. Support continuous compliance efforts for standards including ISO 27001, SC TRMG, NIST CSF, and other relevant frameworks. Conduct cybersecurity awareness and training programs to foster a risk-aware culture across the organization. Stay current on emerging cybersecurity regulations, standards, and threat landscapes to ensure the organization's risk posture remains resilient and compliant. Requirements Education : Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related discipline. Experience : Minimum 2-4 years of experience in cybersecurity governance, IT risk management, compliance, or IT audit. Certifications (added advantage) : ISO/IEC 27001 Lead Implementer or Lead Auditor Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) Certified in Risk and Information Systems Control (CRISC) Other relevant certifications (e.g., CISSP, CGEIT, GRC-related) Strong knowledge of information security principles, IT governance frameworks, and risk management methodologies. Familiarity with regulatory and industry cybersecurity standards such as ISO/IEC 27001, SC TRMG, NIST etc. Excellent communication, report writing, and stakeholder engagement skills. Benefits: Leaves: Annual Leave, Medical Leave, Hospitalization Leave, Special Leave. Medical Benefits - Sunway Medical Insurance for Outpatient & Inpatient inclusive for dependents. Dental and Optical benefits. Group Term Life & Personal Accident Insurance Scheme. Executive Health Screening. Salary increment based on individual performance. Bonus based on company & individual performance. Career Development: Training and certification sponsored by the company, Annual Talent Review, Career Planning. Rewards and recognition: Long Service Award. Additional Benefits: Staff Discount (i.e. Theme Park, Hospitality, Education, Property, Medical, Retail, Food & Beverages), Sports and Recreational, Family Day, Annual Dinner, Flexible Working Arrangement for working mothers. Open communication. Young, energetic and fun working environment. Are you ready to elevate your working skills and experience Click the 'Apply Now' and you are one step ahead to an outstanding career. Our recruitment team will reach out to shortlisted candidates only. Show more Show less