About Us: Noventiq (Noventiq Holdings PLC) is a premier global provider of cutting-edge digital transformation and cybersecurity solutions, headquartered in London. We empower businesses to thrive in the digital age, connecting them with top-tier IT vendors and delivering our own innovative services and proprietary solutions.
Why Noventiq Our success is driven by a robust three-dimensional strategy focused on expanding our market presence, diversifying our product portfolio, and enhancing our sales channels. Through strategic M&A activities, we are poised to capitalize on industry consolidation and achieve unprecedented growth. With a dynamic team of approximately 6,400 employees operating in around 60 countries, we have a significant footprint in regions with immense growth potential, including Latin America, EMEA, APAC, and a notable presence in India.
Your Opportunity: Join a globally recognized organization, celebrated with multiple Great Place to Work awards. At Noventiq, your ideas matter. We foster an environment where innovation thrives and collaboration is a cornerstone. Be a part of our journey to drive digital transformation worldwide.
Ready to Make an Impact If you're passionate about shaping the future of digital transformation and cybersecurity, we want you on our team. Join us and be a part of a global organization where your contributions are valued and your potential is limitless. Join us today!
We are looking for a
GRC Consultant who will perform
industry-specific governance, risk, and compliance assessments for customers across Malaysia including
Healthcare, Financial Services, Utilities, Public Sector, Retail, Manufacturing , and other regulated industries.
This role suits someone who enjoys customer-facing engagements, conducting assessments, and guiding organizations toward stronger cybersecurity maturity.
Key Responsibilities
Industry-Specific GRC Assessments
- Conduct end-to-end GRC assessments tailored to customer industries:
- Healthcare: HCIS, PDPA, ISO 27001
- Financial Services: BNM RMiT, PCI-DSS, ISO 27001, SOC 2
- Utilities/Energy: NIST CSF, ISO 27019, industry-specific compliance
- Enterprise: NIST CSF, CIS Controls, COBIT
- Perform maturity assessments, gap analysis, and control effectiveness reviews.
- Develop detailed remediation roadmaps for customers.
Governance & Policy Development
- Review, develop, and enhance customer cybersecurity policies, standards, and SOPs.
- Map customer controls to regulatory and framework requirements.
- Provide governance improvement recommendations.
Risk Management
- Conduct enterprise and cybersecurity risk assessments.
- Identify, evaluate, and prioritize risks based on business impact.
- Develop risk treatment plans and collaborate with customer teams on mitigation strategies.
- Build or refine customer risk registers, KPI/KRI dashboards, and reporting structures.
Compliance & Advisory Services
- Advise customers on compliance with Malaysian and industry regulations:
- PDPA
- BNM RMiT
- PCI-DSS
- ISO 27001
- Sector-driven requirements
- Support internal/external audit readiness and evidence preparation.
Reporting & Customer Engagement
- Produce high-quality assessment reports, maturity scorecards, and risk heatmaps.
- Deliver presentations and debriefs to IT, cybersecurity, risk, and management stakeholders.
- Conduct workshops, interviews, and walkthroughs with customer teams.
Qualifications & Skills
Required
- Degree in Cybersecurity, IT, Information Systems, or related field.
- 37 years experience in GRC, cybersecurity consulting, or IT governance.
- Strong understanding of:
- ISO 27001
- NIST CSF
- CIS Controls
- COBIT
- PDPA
- BNM RMiT
- Excellent communication, documentation, and presentation skills.
Preferred Certifications (Highly Advantageous)
- ISO 27001 Lead Auditor (LA)
- ISO 27001 Lead Implementer (LI)
- ISO 22301 Lead Auditor/Implementer
- PCI DSS ISA/QSA (advantageous)
- COBIT Foundation / COBIT Design & Implementation
- CRISC, CISM, CISSP, Security+
- Any industry-specific GRC or audit certification.
What we offer
- Working time: Mond-Fri, flexible working time; work in office 5 days/week
- Attractive Bonus, & Allowances for mobile, transportation, parking
- Opportunities to work with global colleagues from different cultures
- Premium Healthcare insurance for employees and family (spouse/children)
- External and Internal Training Opportunities
- Birthday paid day-off & Birthday gift
- Recognition program, Referral program
- Other activities: annual company trip, year-end dinner, exciting engagement events, coaching opportunities, etc.
- Annual Salary Review & Promotion
Don't forget to include your CV and cover letter. We receive a lot of applications, but we try to notice each of our potential candidates.
Location: Kuala Lumpur - NQMYS, Kuala Lumpur, Kuala Lumpur, Malaysia
