IT Compliance Lead, Group Technology Risk Management

  • Kuala Lumpur
  • Permanent
  • Full-time
  • 18 days ago
Role Overview:

A critical role within the 1.5 Line of Defence, acting as a bridge between IT operations and risk oversight functions. You will lead efforts to ensure the IT department complies with regulatory requirements, internal policies, and Bank Negara Malaysia (BNM)'s Risk Management in Technology (RMiT) guidelines. This includes coordinating responses to regulatory requests, conducting internal compliance assessments, managing exception handling, and embedding a culture of compliance across the GT function.

Key Responsibilities:

1. Regulatory Compliance & Oversight
  • Lead and manage the end-to-end IT compliance program aligned with RMiT and other applicable regulatory frameworks (e.g. Outsourcing Policy, PDPA, Compliance Self-Assessment).
  • Coordinate and manage GT's response to BNM supervisory letters, regulatory surveys, examinations, and thematic reviews.
  • Interpret and cascade regulatory expectations into actionable internal requirements and track implementation status.
  • Identify, manage, and track non-compliance, exception cases, and remediation plans.

2. IT Compliance Monitoring & Internal Assurance
  • Design and execute compliance assurance activities, including internal assessments and gap analyses across IT functions.
  • Develop action plans and monitor timely remediation of findings and exceptions.
  • Provide subject matter advisory on IT regulations, internal policies, and industry standards (e.g. ISO 27001, COBIT, NIST).
  • Conduct internal control testing and assist in readiness for regulatory or internal audits.
  • Drive initiatives to reduce recurring audit findings and internal non-compliance.

3. Awareness, Engagement & Governance
  • Drive IT compliance awareness across IT teams through workshops, campaigns, and training programs.
  • Facilitate engagement with technology teams and business stakeholders.
  • Prepare and present regular updates, dashboards, and reports to IT management and risk committees on IT compliance status.
  • Actively advocate for a culture of risk awareness and regulatory accountability within IT.

4. Continuous Improvement & Coordination
  • Review and recommend enhancements to IT compliance processes and controls under Continuous Improvement Programs.
  • Coordinate cross-functional efforts involving complex IT environments (e.g. cloud, infrastructure, applications) to ensure end-to-end compliance.
  • Ensure all compliance reporting timelines are met and that reporting is of high quality.
  • Escalate and resolve issues and conflicts in a timely and effective manner.

5. Key Performance Indicators (KPIs)
  • Reduction in regulatory breaches, non-compliance incidents, and recurring audit issues.
  • Timeliness and quality of regulatory responses and internal reporting.
  • Compliance with RMiT, the Outsourcing Policy Document (PD), and other BNM requirements.
  • Stakeholder satisfaction (IT, Risk, Audit, and Compliance teams).
  • Effective implementation of compliance action plans and initiatives.

Requirements:
  • Bachelor's degree in IT, Information Security, Risk Management, or a related field.
  • Minimum 6-8 years of experience in IT risk, compliance, or audit within the financial services industry.
  • Strong working knowledge of BNM's regulatory landscape, especially RMiT and the Outsourcing Policy.
  • Experience in coordinating regulatory responses and managing IT-related audits or reviews.
  • Solid understanding of IT environments, including infrastructure, applications, and cybersecurity.
  • Excellent stakeholder management and communication skills.
  • Ability to manage complex projects with multiple interdependencies.

foundit