Principal Specialist, Cyber & Technology Risk (Cyber Risk)

PayNet (Payments Network Malaysia)

Federal Territory of Kuala Lumpur

Description

Why PayNet / Why Now

  • PayNet operates national payment infrastructure where cyber failure has systemic impact
  • Threat sophistication and ecosystem interdependencies are increasing faster than legacy controls
  • Regulators expect defensible, enterprise‑level cyber risk judgment, not technical assurance alone
  • The Board requires clearer visibility into cyber exposure and decision trade‑offs
  • This role anchors trust as PayNet scales innovation across a national participant ecosystem

TL;DR

  • Own enterprise-wide cyber and technology risk governance for PayNet
  • Decide how cyber risks are assessed, surfaced, and escalated to the Board
  • Lead regulatory and standards-based cyber compliance across the organisation
  • Act as PayNet’s trusted authority on cyber risk judgment and assurance

Why This Role Matters

  • Cyber risk failures directly threaten national payment stability and trust
  • Regulators and the Board rely on this role for clear, defensible risk insight
  • Strong cyber governance enables PayNet to innovate safely at national scale
  • Participant ecosystem risks require independent, enterprise-level oversight
  • This role sets the maturity bar for PayNet’s cyber risk management

What You Will Actually Do

  • Shape and own PayNet’s cyber risk governance frameworks, policies, and standards
  • Build and run a central cyber risk dashboard that drives executive decisions
  • Lead cyber regulatory and standards compliance assessments and remediation tracking
  • Drive the execution of PayNet’s cybersecurity strategy across stakeholders
  • Oversee cyber risk exposure across PayNet and its participant ecosystem
  • Decide and advise during cyber incidents, including regulatory notification readiness

Examples of This Role in Practice

  • Present a clear cyber risk position to the Board to support a major platform decision
  • Challenge control effectiveness and require remediation before risk acceptance
  • Lead a Bank Negara Malaysia – Risk Management in Technology (BNM RMiT) or National Cyber Security Agency (NACSA) compliance review and close material gaps
  • Advise executives during a cyber incident on classification and regulatory triggers
  • Escalate emerging ecosystem risks before they crystallise into systemic issues

What Will Help You Succeed

  • Deep experience in cyber and technology risk governance within regulated environments
  • Strong judgment to balance innovation, resilience, and regulatory expectations
  • Ability to translate complex cyber risk into clear executive‑level decisions
  • Confidence to challenge stakeholders and defend risk positions independently
  • Credibility built through recognised cyber or risk certifications