Portfolio Company Careers

Discover opportunities across our network of values-driven companies!
Sovereign’s Capital
Sovereign’s Capital
50
companies
693
Jobs

Senior Specialist - IT Governance, Risk Management, ControlsMalaysia

Grab

Grab

IT
Malaysia
Posted on Tuesday, May 16, 2023

Life at Grab

At Grab, every Grabber is guided by The Grab Way, which spells out our mission, how we believe we can achieve it, and our operating principles - the 4Hs: Heart, Hunger, Honour and Humility. These principles guide and help us make decisions as we work to create economic empowerment for the people of Southeast Asia.

Get to know the Team

Grabber Technology Services (GTS) aims to be a technology leader that provides predictive and seamless experiences to all Grab employees (Grabbers). We are a diverse team of technology practitioners looking to out-serve Grabbers with positive, personalised IT experiences. We are looking for individuals with similar customer-centric and innovative values to join our growing team.

Get to know the Role

The GTS Governance Specialist reports to the Governance Leader. The Governance team is the trusted IT Risk advisor and partner to ensure the appropriate IT Risk and controls are in place.

The Day-to-Day Activities

This role will:

  • Support Governance Leader in the GTS Governance program to roll out the right level of IT controls required for the overall Grab and GTS IT Risk Management framework and processes.

  • Improve and maintain GTS IT Risk Management framework and processes, including alignment to Grab ERM framework and processes

  • Take lead in the development, review and reporting of key IT risk exposures and metrics (e.g. KRIs and KPIs), and provide independent reporting on the IT risk posture or activities to the management team and stakeholders (e.g. second line of defence)

  • Conduct IT risk assessments; identify and assess IT risks, evaluate countermeasures and recommend effective controls to mitigate IT risks.

  • Monitor IT risks, map risk profiles and manage the IT risk register,

  • Develop and maintain excellent working relationships with risk owners, and manage risks to minimize impact from incidents, breaches or non-compliance

  • Deliver technology risk oversight using data-driven risk reports and ensure maintenance of IT risk register

  • Identify and implement initiatives to promote and uplift the IT Risk Management culture in GTS

  • Conduct regular communication and refresher trainings to maintain a good level of IT risk awareness

  • Assist with the management and coordination of audits (e.g. IT SOX)

  • Perform ad-hoc independent thematic reviews on IT processes to uncover issues and follow through with the remediation action plan.

  • Provide ad-hoc due diligence and advice on IT Risk topics for Merger and Acquisition (M&A) as needed

The Must-Haves

  • At least 5 years of relevant experience in IT Governance, Risk Management and Controls

  • Deep expertise in Enterprise IT Governance including IT risk management and controls using COBIT (COBIT 5 or COBIT 2019) framework in highly regulated environments.

  • Excellent business acumen, commercial and analytical skills to negotiate and influence stakeholders.

  • Excellent problem-solving, critical thinking and applying sound project management to assigned work.

  • Excellent communication (written, verbal and presentation) and interpersonal skills

  • Ability to work independently on semi ambiguous tasks with limited supervision

The Nice-to-Haves

  • CISM or CISA or CRISC certifications

  • COBIT 2019 Foundation Training

Our Commitment

We recognize that with these individual attributes come different workplace challenges, and we will work with Grabbers to address them in our journey towards creating inclusion at Grab for all Grabbers.

Forward together

Follow us and keep updated!

Equal opportunity

Grab is an equal opportunity employer. We owe our success to the talents of our globally-diverse team and the varying perspectives they add to our thriving community.

Recruitment agencies

Grab does not accept unsolicited resumes sent by recruiting agencies. Please do not forward resumes to our job postings, Grab employees or other parts of the business. Grab will not be liable to pay any fees to agencies for candidates hired as a result of unrequested resumes.