Manager IT Governance, Security & Risk

FGV Holdings Berhad is Malaysia’s leading global agri-business and the world’s largest producer of Crude Palm Oil (CPO). FGV’s operations stretch across more than 10 countries in Asia, the Middle East, North America and Europe, and are focused on three main business sectors namely Plantation Sector, Logistics & Support Business (LSB) Sector and Sugar Sector. FGV is the world’s third biggest oil palm plantation operator, has the world’s largest bulking and storage facilities for vegetable oil and is Malaysia’s top refined sugar producer.

Job Description

• Managed, coordinated, and led Risk & Security initiatives to enhance security measures and minimize risks across the FGV Group by adopting relevant IT Security Standards and Frameworks while ensuring compliance with legal and audit requirements.
• Oversaw the IT Governance framework and practices, including IT audits, in alignment with established governance standards such as COBIT and ITIL.
• Implemented security-related projects while driving security awareness initiatives across the FGV Group.
• Held overall responsibility for IT Security and Risk Management, ensuring the confidentiality, availability, and integrity of the Group’s information assets, IT infrastructure, platforms, and systems.
• Ensured the FGV Group possessed the necessary security capabilities, including tools and processes, to comply with all legal, regulatory, and internally developed standards or policies, safeguarding against vulnerabilities, breaches, and attacks.
• Developed, reviewed, and maintained critical IT Security Frameworks, policies, procedures, and controls, ensuring compliance with legal and regulatory requirements while identifying areas for improvement.
• Monitored and provided regular reports on IT security, ensuring policies, procedures, and controls were effectively implemented, enforced, and protecting systems from threats.
• Conducted proactive risk assessments on IT security, infrastructure, and systems to identify and mitigate vulnerabilities.
• Collaborated with internal and external auditors on IT-related audit matters, ensuring compliance and continuous improvement.
• Acted as the risk champion, driving the IT risk management framework in coordination with GRMD.
• Worked closely with Group Governance on IT governance-related matters.
• Engaged with the IT Security Working Committee, including representatives from subsidiaries, to facilitate the adoption of security best practices and provide consultation and support to business units.
• Partnered with internal teams, external stakeholders, vendors, and related parties to strengthen security across the FGV Group.
• Worked alongside the Operations team to deliver security awareness programs and training across the organization.

• Must hold at least a Bachelor's Degree in Information Technology, Computer Science, Computer Engineering, or a related IT Security field from an accredited university or institution, along with relevant qualifications.
• Strong knowledge of security and regulatory standards/frameworks such as COBIT, ISO 27001, GDPR, and PDPA.
• Minimum of 5 years of hands-on technical experience in managing IT Governance and Security for large organizations, GLCs, or MNCs, covering all relevant platforms.
• Possession of IT Security certifications such as CISO, CISSP, CISM, CCIE, CCNP, or CCNA Security is preferred.
• In-depth understanding of security technologies, including SIEM, Firewalls/NGFW, IDS/IPS, EDR, DLP, EUBA, Micro-Segmentation, SDN, SD-WAN, VPNs, and encryption technologies.