Executive - GRC (Cybersecurity)

Key Responsibilities

• Support the documentation and maintenance of cybersecurity policies, procedures, standards, and guidelines under the guidance of the line manager
• Review and assess practices across Monitoring, Incident Response, Platform Engineering, Service Management, Threat Intelligence, Red Teaming, and Penetration Testing to ensure alignment with the GSOC policy and control universe, supported by dashboards and metrics
• Enrich operational practices by benchmarking against industry good practices and standards, and enhance data visibility through correlating models and structured reporting
• Gather and consolidate inputs from Operating Companies (OpCos), group-level projects (e.g., Insurance studies, Risk Management initiatives, Board and Risk Committee papers) to ensure alignment across SOC operations, OpCos, and strategic initiatives
• Support governance reporting by ensuring timely submission of reports to OpCos, management, and other entities, while tracking issues, gaps, and inconsistencies to closure
• Continuously review and improve data sources used for cybersecurity governance, risk, and performance reporting
• Assist in external GTM initiatives under the Axiata Cyber Fusion Center, including preparation of client-facing materials such as maturity assessment reports, dashboards, proposals, and presentation decks
• Support client engagements by coordinating inputs, maintaining engagement trackers, and ensuring deliverables are aligned to agreed scope and timelines
• Build foundational client relationship management skills by interacting with customers and partners in a professional manner, supporting follow-ups, and contributing to positive client experience during cybersecurity engagements
• Collaborate with internal technical teams to translate cybersecurity findings into clear, business-focused insights for both internal and external stakeholders

Person Specifications

• Up to 03 years of experience in Cybersecurity Governance, Risk and Compliance, including reporting and maturity assessments, with good knowledge of security concepts aligned to NIST Cybersecurity Framework, ISO/IEC 27001, and SOC frameworks
• Bachelors degree in Information Security, Computer Science, Information Technology, or equivalent professional certifications (e.g., CISA, CISM, CRISC – preferred)
• Strong problem-solving and analytical skills
• Good report writing and documentation skills
• Good project management and coordination skills
• Working knowledge of Power BI and advanced Excel modelling for dashboards and reporting
• Good communication skills with the ability to interact with internal stakeholders and external clients