KPMG Malaysia
KPMG Malaysia
ETRC Manager (Governance, Risk & Compliance) (Experienced)
KPMG Malaysia
Petaling Jaya, Selangor, Malaysia


As the pace of digital continues to accelerate, organizations are expected to make faster decisions and move from ideation to revenue with speed. In the race to harness emerging technologies faster than the competition, organizations are sidestepping the IT function and neglecting governance, which can lead to significant costs, risks and diminished value of IT investment. It is becoming ever more apparent to Board members and senior management alike that emerging technology risk is one that must be understood and managed effectively.

At KPMG’s ETRC, we help our clients to bridge the gap between company leadership and the increasingly complex requirements being placed on companies by regulators and international standards alike. We help our clients to establish a strong governance and compliance framework that embraces disruptive technologies and encourages innovation while ensuring risks are identified and managed. We believe this is a critical success factor for any organization to survive and thrive in this digital era.


o Work closely with the Director and Associate Director to deliver exceptional work and manage day-to-day operations matter

o Manage and deliver regulatory/industry standard compliance assessments, risk control assessments and supply chain & third-party security assessments, including the identification of areas for improvement, development of remediation action items and providing awareness training

o Manage and support the team in various cyber risk related engagements including security strategy, policy and architecture, information privacy and governance, certification and compliance, business and technology resilience and security testing

o Communicate technical engagement findings in business terms to senior management and convince the adoption of best practices and KPMG recommendations

o Identify performance improvement opportunities for internal team and clients

o Monitors trends and continuously assesses staff/security system capabilities to meet business demands.

o Documents and revises procedures and playbooks for teams, processes and technology to provide a standard security practice and increase team effectiveness.

o Collaboration with other KPMG service lines to identify synergies in offerings

o Build and maintain relationships with existing and prospective clients, and develop / improve your network of business contacts

o Remain up-to-date on the latest cybersecurity threats, vulnerabilities and regulatory requirements relating to existing and emerging technologies such as Blockchain, Artificial Intelligence (AI), Internet of Things (IoT), Cloud Computing and NIST Framework.

Requirements :

o A recognized university degree in technology, engineering, or business studies with information systems major/minor from an accredited college / university along with deep interest in technology risk, security and IT governance will be considered

o Professionally qualified preferred (e.g. CISSP, CRISC, CISA, CISM, CGEIT, PMP, ISO 27001 Lead Auditor / Implementer or other relevant qualifications)

o More than 5 years of relevant experience in technology audit, risk management, regulatory compliance

o Experience working in the Big Four is an added advantage

o Excellent written and verbal communication skills in English

o Able to document technical information for executive level reporting and presentation

o Strong interpersonal skills with a demonstrated ability to gain the confidence and respect of senior level executives

o Strong client services orientation and accustomed to taking an active role in executing client engagements

o Strong analytical and management skills

o Strong technical knowledge in operating systems, networking, applications, and a good understanding of security issues

o Independent, self-motivated, organized, and results oriented individuals capable of handling multiple tasks and achieving tight deadlines

o A client centric mind-set, understanding of IT within a Business context is desirable

Show More
Already applied to this job? Login
pulsifiPowered by Pulsifi