XCN IT Governance & Vendor Management

Are you a governance and risk expert with a passion for building robust frameworks, managing strategic partnerships, and embracing the future of technology? We are undergoing a dynamic, organization-wide transformation as we shift our core systems to the cloud, and we need a talented Manager, IT Risk, Governance, and Vendor Management to ensure we do it securely, compliantly, and collaboratively.

We pride ourselves on our open, good-culture environment where ideas are valued, collaboration is key, and continuous learning is encouraged. This is a high-impact role where you will directly influence our security posture and operational excellence during this exciting shift.

The Opportunity: What You'll Be Leading

This role sits at the intersection of technology, risk, and business strategy, ensuring our foundational IT processes and external partnerships are rock-solid. Your core responsibilities will include:

Governance, Risk, and Compliance (GRC) Leadership

• Establish and Mature GRC: Develop, implement, and maintain IT Governance frameworks, policies, standards, and processes aligned with regulatory requirements and industry best practices (e.g., ISO 27001, COBIT, NIST).
• Audit and Compliance: Lead IT compliance efforts, prepare for internal and external audits, and manage remediation activities related to IT controls.
• Risk Management: Drive IT risk identification, assessment, mitigation, and reporting, particularly in the context of cloud adoption and third-party reliance.

Third-Party Risk & Vendor Management

• Strategic Vendor Lifecycle: Own the entire vendor management lifecycle, from sourcing and due diligence through contract negotiation, performance monitoring, and termination, ensuring value and adherence to service agreements.
• Third-Party Risk Management (TPRM): Design and execute the TPRM program, including security and compliance assessments, monitoring, and controls for critical and high-risk vendors, especially those providing cloud-based services.
• Sourcing and Selection: Proactively identify, evaluate, and onboard suitable technology vendors (SaaS, IaaS, specialized services) to support our cloud transformation and business needs.

What We're Looking For (Your Profile)

• Proven experience in IT Governance, Vendor Management, IT Risk, or Audit, ideally within the financial services sector.
• Solid understanding of GRC principles, methodologies, and tools.
• Demonstrable experience managing third-party risk and leading vendor sourcing and selection processes.
• Familiarity with cloud computing environments and the unique governance/risk challenges they present.
• Strong communication and negotiation skills, with the ability to influence technical teams, senior leadership, and external partners.
• Certifications such as CISA, CRISC, CGEIT, or similar are a significant advantage.

Why Join The Company?

• Impactful Work: Be a core contributor to a major cloud transformation project that will redefine our business.
• Great Culture: Enjoy a truly collaborative, open, and forward-thinking work environment that values employee well-being.
• Professional Growth: Access continuous learning and development opportunities to stay ahead in the rapidly evolving GRC and Cloud landscape.
  
  

Ready to help us build a secure and compliant future in the cloud? Apply today!

Do note that we will only be in touch if your application is shortlisted.

Agensi Pekerjaan Robert Walters Sdn Bhd
Business Registration Number : 729828-T
Licence Number : JTKSM 423C