Search by job, company or skills

paynet (payments network malaysia)

Principal Specialist, Cyber & Technology Risk (Cloud & Third Party Risk Management)

paynet (payments network malaysia)
Malaysia, Kuala Lumpur
8-10 Years
Save
  • Posted a month ago
  • Be among the first 10 applicants
Early Applicant

Job Description

Why PayNet / Why Now

  • Help protect the trust behind Malaysia's national payment infrastructure as PayNet scales modern platforms
  • Influence decisions that matter, where cloud speed, systemic risk, and regulatory expectations collide
  • Work in a high-stakes environment where governance quality directly enables innovation, not just compliance
  • Partner with senior technology and business leaders to unblock adoption while keeping risk defensible
  • Step into a role with clear visibility, your judgment will shape outcomes at Management and Board level

TL;DR

  • Own cloud and thirdparty cyber risk governance across critical vendors and platforms
  • Decide how risks are assessed, escalated, and reported at enterprise and Board level
  • Shape frameworks that balance secure cloud adoption with regulatory expectations
  • Act as a trusted risk advisor to technology, procurement, and senior leadership
  • Deliver clarity on risk so PayNet can move fast without compromising trust

Why This Role Matters

  • Cloud and thirdparty risks are among PayNet's highestimpact technology exposures
  • Regulatory expectations demand defensible, riskbased oversight, not boxticking
  • Management and the Board rely on this role for clear, independent risk judgment
  • Strong governance here enables safe innovation across national payment platforms
  • Failure in this space carries systemic, reputational, and regulatory consequences

What You Will Actually Do

  • Own and evolve PayNet's cloud security governance framework across Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS)
  • Lead cloud and thirdparty cyber risk assessments that surface material risk, not noise
  • Decide risk treatment positions and drive alignment with risk appetite and regulation
  • Shape thirdparty risk management processes from onboarding through ongoing oversight
  • Consolidate and present risk insights to Management and Board committees with clarity

Examples of This Role in Practice

  • Challenge a proposed cloud architecture by identifying control gaps and redefining risk acceptance conditions
  • Escalate a critical vendor risk with a clear recommendation that influences contract or remediation decisions
  • Redesign thirdparty criticality assessment to better reflect systemic payment risks
  • Translate complex cloud findings into concise Boardlevel risk narratives
  • Balance regulatory expectations with business urgency during a highstakes vendor onboarding

What Will Help You Succeed

  • Deep experience in cyber and technology risk within regulated or critical environments
  • Strong judgment in applying frameworks like Bank Negara Malaysia – Risk Management in Technology (BNM RMiT), ISO 27001, National Institute of Standards and Technology (NIST), Center for Internet Security (CIS), or equivalents
  • Confidence engaging senior stakeholders and standing firm on risk positions
  • Ability to connect cloud technology realities with governance and compliance outcomes
  • Professional certifications (e.g., Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), ISO/IEC 27001) that reinforce credibility

More Info

Job Type:
Permanent Job
Industry:
Other
Function:
Cyber Security
Employment Type:
Full time

Job ID: 146443453

Jobs by Skill - IT
Jobs by Skill - Non IT
International Jobs
Jobs in Top Cities
Popular Jobs
Last Updated: 11-06-2026 00:23:19 AM
Homejobs in MalaysiaPrincipal Specialist, Cyber & Technology Risk (Cloud & Third Party Risk Management)

Similar Jobs

Principal Specialist, Cyber & Technology Risk (Cyber Risk)

paynet (payments network malaysia)
Malaysia, Kuala Lumpur

Skills:

Gap AnalysisIncident ManagementPCI-DSSRegulatory Compliancerisk indicatorsBNM RMiTISO IEC 2700xNACSA regulationscyber risk governancecybersecurity strategyRisk Advisory

Change Specialist, Principal

aia malaysia
Malaysia, Kuala Lumpur

Skills:

Change ManagementGovernance ReportingRisk ManagementInitiativesStakeholder ManagementImpact AssessmentsCommunication Strategies