
Search by job, company or skills

The Technology & Cyber Risk Assurance Manager leads and executes independent, structured assurance reviews across PNB's cybersecurity, technology, and multi-cloud domains as part of the Second Line of Defence (2LOD). The role is responsible for assessing both the design adequacy and operating effectiveness of controls spanning cyber defence capabilities, IT infrastructure, enterprise applications, and multi-cloud platforms (Microsoft Azure, Alibaba Cloud, Oracle Cloud Infrastructure, and Amazon Web Services).
This position conducts risk-based control testing, technical evidence validation, thematic deep-dive reviews, and continuous assurance monitoring over security, technology, and cloud risks including adversarial simulation. The Manager is accountable for producing clear, data-driven insights on risk and control posture, validating the quality and sustainability of corrective actions, and constructively challenging first-line stakeholders on the adequacy of their remediation responses.
The role ensures full alignment to applicable Malaysian regulatory requirements (SC GTRM, BNM RMiT), internal risk policies, and internationally recognised industry frameworks including NIST CSF 2.0, ISO/IEC 27001:2022, CIS Controls, MITRE ATT&CK, and CSA CCM. The Manager plays a pivotal role in strengthening enterprise-wide governance, improving control maturity, and delivering regular risk assurance reporting to senior leadership and relevant risk and compliance forums.
Job ID: 151013827
Skills:
Java, Github, Power Bi, PowerShell, Git, Oracle Cloud, Javascript, Bitbucket, Terraform, Perl, Ansible, Shell scripting, Gitlab, Powercli, Microsoft Azure, Python, AWS, Nagios XI
Skills:
Backup, Microsoft 365, Microsoft Azure, Security, AI platforms, AWS solutions, Crm Systems
Skills:
Information Security, Incident Management, Vulnerability Management, Iso 27001, Incident Response, Solution Architecture, Compliance, Security evaluation and functionality testing, Access controls, Technical specialism, information assurance, CIS, Cybersecurity concepts, Risk Assessment, Security Architecture, digital security, Automation system, Supplier security management, Intrusion detection and analysis, nist, Stakeholder Management, Security Administration
Skills:
Servicenow, Monitoring Tools, Microsoft Azure, Log Analysis, Vercel, SSL certificates, Next.js, CMS platforms, Application Gateway, Application Insights, Sitecore DXP
We don’t charge any money for job offers