VP, IT Risk, Cyber Risk & TPRM

An exceptional opportunity has arisen for an experienced professional to join a global financial services organisation as Vice President Information Technology Cybersecurity and Third Party Risk Management, based in Kuala Lumpur.

Vice President Information Technology Cybersecurity and Third Party Risk Management

This pivotal role sits at the heart of the organisation’s efforts to safeguard its technology and data assets, acting as a key figure in the second line of defence for operational, technology, and cybersecurity risk. You will be instrumental in shaping the risk management strategy, providing oversight and assurance across all aspects of third party security and vendor risk, while working closely with senior stakeholders across business units, regions, and functions. The organisation is committed to fostering a collaborative environment where your expertise in regulatory compliance, risk frameworks, and stakeholder management will be highly valued. Flexible working opportunities are available to support your work-life balance, alongside ongoing training opportunities to further develop your skills within a supportive leadership structure.

• Play a central role in protecting enterprise-wide technology and data by overseeing operational, technology, and cybersecurity risks with a focus on third party and vendor management.
• Collaborate with senior leaders across multiple business units and regions, ensuring robust risk governance and effective implementation of controls aligned with global standards.
• Benefit from flexible working arrangements, generous training opportunities, and a knowledgeable team dedicated to nurturing your professional growth within a supportive environment.

What you'll do:

As Vice President Information Technology Cybersecurity and Third Party Risk Management, you will play an integral part in safeguarding the organisation’s critical assets by driving excellence in operational technology control and third party risk oversight. Your day-to-day responsibilities will involve close collaboration with cross-functional teams to monitor threats, assess vendor risks throughout their lifecycle, intervene when necessary to maintain compliance with internal policies or external regulations, and provide clear communication to senior stakeholders. You will champion a culture of responsible risk-taking by offering expert advice on best practices while supporting remediation efforts for any identified gaps. Your ability to produce high-quality reports and participate meaningfully in governance forums will ensure that the organisation remains resilient against evolving cyber threats. By delivering comprehensive training sessions and promoting knowledge sharing among colleagues, you will help embed a strong sense of accountability for information security throughout the business.

• Oversee and challenge first line proposals related to information security, operational technology controls, third party security risk, and other key domains to ensure alignment with organisational risk appetite.
• Monitor the evolving threat landscape for technology and cybersecurity risks, providing transparent reporting to senior management that supports informed decision-making.
• Lead the assessment of third party vendors throughout their lifecycle—including onboarding, compliance monitoring, and offboarding—to ensure adherence to security requirements and regulatory obligations.
• Intervene when necessary in first line activities that deviate from established or adjusted risk appetites, escalating significant non-compliance matters as appropriate.
• Promote a positive risk culture by guiding teams on best practices for operational technology control and third party risk management within Technology & Operations.
• Support the development of remediation plans for identified risks or control weaknesses, ensuring timely resolution and continuous improvement across business lines.
• Provide expert guidance and training to business units on managing risks associated with third party relationships and security assessments.
• Participate actively in governance forums such as risk committees and working groups to advise on emerging risks and recommend improvements to existing frameworks.
• Ensure high-quality documentation and consistency in reporting across all areas of responsibility, contributing valuable feedback based on practical experience.
• Uphold exemplary conduct by embedding ethical standards into daily operations while ensuring full compliance with applicable laws, regulations, guidelines, and codes of conduct.

What you bring:

To excel as Vice President Information Technology Cybersecurity and Third Party Risk Management you will bring extensive experience gained from complex environments where you have managed both operational technology controls and third party/vendor risks. Your academic background will be complemented by over a decade spent navigating the intricacies of security frameworks within financial institutions or similar regulated sectors. You will have demonstrated success implementing robust due diligence processes for vendors—ensuring not only initial compliance but also ongoing adherence throughout their engagement. Your interpersonal skills will enable you to communicate clearly with technical experts as well as executive leadership while negotiating solutions that balance business needs against regulatory expectations. A deep understanding of non-financial risks—particularly those relating to operational resilience—will underpin your approach as you guide teams through RCSA exercises or remediation planning. Above all else your commitment to ethical conduct combined with your ability to foster collaborative relationships will set you apart as an invaluable partner in maintaining organisational integrity.

• A degree in Information Security, Cybersecurity, Technology or equivalent field demonstrating foundational knowledge relevant to this role.
• At least 10 years’ proven experience in security risk management with a particular emphasis on vendor or third party risk within large-scale organisations.
• Extensive background in financial institutions or outsourcing environments supporting third party management either from a first or second line perspective.
• Comprehensive understanding of the end-to-end vendor lifecycle including onboarding processes, ongoing compliance monitoring, due diligence activities, offboarding procedures, and associated regulatory requirements.
• Deep familiarity with non-financial risk management principles—especially operational risk—and hands-on experience applying Risk Control Self Assessment (RCSA) frameworks.
• Demonstrated ability to conduct thorough due diligence reviews covering financial stability, operational resilience, cybersecurity posture, and overall compliance of third parties.
• Proven track record of monitoring third party adherence to security requirements through regular assessments and transparent reporting mechanisms.
• Exceptional verbal and written communication skills enabling you to engage effectively with diverse stakeholders at all levels of the organisation.
• Strong negotiation abilities coupled with advanced stakeholder management skills that foster trust-based relationships across business units.
• In-depth knowledge of regulations governing outsourcing arrangements within financial services environments.

What sets this company apart:

This global financial services institution stands out for its unwavering commitment to building resilient systems that protect both clients’ interests and internal operations. With a strong focus on collaboration across borders—supported by flexible working opportunities—the organisation empowers employees at every level to contribute meaningfully towards shared goals. Training opportunities abound for those eager to expand their expertise while being mentored by some of the industry’s most knowledgeable professionals. The leadership team is dedicated not only to upholding rigorous standards but also nurturing talent through supportive structures designed for long-term career progression. Employees benefit from an inclusive environment where diverse perspectives are valued; this ensures innovative solutions are developed collectively rather than in isolation. If you are seeking an employer who prioritises both personal growth and professional excellence within a framework built on trust responsibility then this is the ideal place for you.

What's next:

If you are ready to make a significant impact in shaping the future of information security risk management at a leading global institution we encourage you to take the next step today.

Apply today by clicking on the link provided – seize this opportunity to advance your career within an inspiring environment focused on collaboration growth and excellence.

Do note that we will only be in touch if your application is shortlisted.

Agensi Pekerjaan Robert Walters Sdn Bhd
Business Registration Number : 729828-T
Licence Number : JTKSM 423C