Head, Cyber Risk Management

Company: Affin Bank
Job Type: Full Time

Job Description - Head, Cyber Risk Management

Create your future with Affin! You too can make a difference.

Join us at AFFIN, where open minds meet and are inspired by a shared commitment to great work. Here, you don’t just stay at the forefront of the industry – you can make a difference too.

Job Purpose

To lead and oversee the Cyber Risk Management unit under Group Technology Risk Management (GTRM), serving as the Second Line of Defense (2LOD) in providing independent risk oversight on Group Technology (GT), which operates as the First Line of Defense (1LOD).

The role is responsible for ensuring that technology and cyber risks across the Group are appropriately identified, assessed, monitored, and mitigated in compliance with internal risk governance frameworks and regulatory requirements, including Bank Negara Malaysia (BNM), Securities Commission Malaysia (SC), and Bursa Malaysia.

Key Responsibilities

1. Cyber Risk Oversight & Governance

  • Lead the independent oversight of cyber and technology risks across the Group in line with the Bank’s Enterprise Risk Management Framework.
  • Establish and maintain cyber risk management policies, standards, and frameworks aligned to regulatory expectations and industry best practices.
  • Provide effective advisory to the First Line (Group Technology) on risk identification, mitigation plans, and control effectiveness.

2. Regulatory Compliance & Engagement

  • Ensure full compliance with regulatory requirements, including BNM Risk Management in Technology (RMiT), SC guidelines, and Bursa requirements.
  • Act as the central coordination point for regulatory reviews, audits, and submissions relating to cyber and technology risk.
  • Monitor regulatory developments and ensure timely implementation of new requirements across the Group.

3. Risk Assessment & Monitoring

  • Oversee the execution of cyber risk assessments, including IT risk assessments, vulnerability management oversight, and cyber resilience reviews.
  • Review and challenge risk and control self-assessments (RCSAs), key risk indicators (KRIs), and risk reporting provided by the First Line.
  • Ensure material risks are escalated appropriately to senior management and relevant governance committees.

4. Incident Oversight & Cyber Resilience

  • Provide oversight of major cyber incidents and ensure appropriate escalation, response, and post-incident review.
  • Assess the adequacy of incident response, disaster recovery, and business continuity plans from a cyber risk perspective.
  • Ensure lessons learned from incidents are embedded into risk mitigation strategies.

5. Stakeholder Management & Advisory

  • Serve as a trusted risk advisor to Group Technology, senior management, and business units on cyber risk matters.
  • Engage with internal stakeholders including Compliance, Internal Audit, and Business Units to ensure a coordinated risk management approach.
  • Present cyber risk insights, issues, and recommendations to senior management committees (e.g., Risk Management Committee, Board-level committees).

6. Team Leadership & Capability Building

  • Lead, develop, and mentor the Cyber Risk Management team to ensure strong technical and risk management capabilities.
  • Drive a culture of risk awareness and accountability across the organisation.
  • Ensure adequate resources, tools, and skillsets are in place to support the evolving cyber risk landscape.

Job Requirements

Academic & Professional Qualifications

  • Bachelor’s Degree in Information Security, Cybersecurity, Computer Science, Risk Management, or related discipline.
  • Professional certifications are highly preferred (e.g., CISSP, CISM, CRISC, CISA, or equivalent).

Experience

  • Minimum 8 years of relevant experience in cyber risk, technology risk, or IT security, preferably within the financial services industry.
  • Proven experience in a leadership role managing cyber risk or technology risk functions.
  • Strong familiarity with regulatory requirements such as BNM RMiT, SC guidelines, and Bursa Malaysia expectations.

Technical & Functional Competencies

  • Strong understanding of cyber risk frameworks, IT governance, and security controls.
  • Experience in risk assessment methodologies, cyber threat landscape, and incident management oversight.
  • Ability to challenge technical stakeholders and provide independent risk perspectives.

Behavioural Competencies

  • Strong leadership and stakeholder management skills, with the ability to influence across all levels of the organisation.
  • High level of integrity, professionalism, and sound judgement.
  • Strong analytical thinking, decision-making, and problem-solving capabilities.
  • Effective communication and presentation skills, particularly at senior management and Board level.
Original job Head, Cyber Risk Management posted on GrabJobs.