BAT is evolving at pace into a global multi-category business. We are on a mission to decrease the health impact of our industry.
To achieve our ambition, we are looking for colleagues who are ready to Be The Change. Come, join us on this journey!

BAT’s Digital Business Solutions KL Hub has an exciting opportunity for a Digital Risk Manager in Malaysia.

We are seeking a highly skilled and experienced Sr. Risk Analyst to join our dynamic and growing team. The ideal candidate will be responsible for identifying, assessing, and managing cyber risks to protect our organization's information assets and ensure the confidentiality, integrity, and availability of our data. The Sr. Risk Analyst will work closely with various departments to develop and support the development and implementation of a robust risk management framework that aligns with the evolving digital landscape.

Your key responsibilities will include:

Develop and maintain strong relationships with the Enterprise Risk Management team and stakeholders from Regional and Central Functions.Perform thorough risk assessments to identify, assess, and prioritize cyber risks related to business processes, emerging technologies, digital platforms, and cloud-based services.Keep the organization's risk register up to date, ensuring timely tracking and mitigation of risks.Create dashboards, reports, and presentations to provide leadership with clear insights into the organization's risk posture.Continuously monitor and review the effectiveness of risk management strategies, proposing necessary adjustments as needed.

What are we looking for?

5+ years of experience in cybersecurity, risk management, IT assurance or related roles.Cybersecurity Fundamentals:Strong knowledge of security frameworks and standards (e.g., NIST RMF, ISO 27001, FAIR, COBIT) Proficiency in using risk management tools and GRC platforms (e.g., ServiceNow IRM, RSA Archer).Understanding of penetration testing and security validation processes.  Understanding of secure cloud computing, emerging technologies, and digital platforms.  Compliance and Regulatory Knowledge:Familiarity with cybersecurity regulations and standards such as GDPR, CCPA, PCI DSS, and SOX.Ability to assess compliance requirements and incorporate them into risk management processes.  Adequate technical knowledge and skills enabling effective communication with IT Services, understanding risks and corresponding mitigations.

Functional / Leadership Skills Required

Risk Communication: Proficient in conveying complex cyber risks in business-relevant terms to both technical and non-technical stakeholders. Project Management:Strong organizational skills to manage multiple concurrent initiatives.  Familiarity with project management methodologies to drive risk-related projects. Data Analytics and Visualization:Ability to analyse and interpret complex data to assess risk and trends.  Proficiency in creating dashboards and reports using tools like Power BI, or Excel.  Self-motivated and results focused; ability to strengthen the team and its mission.Attention to detail and ability to manage multiple priorities in a fast-paced environment.  

Education / Qualifications / Certifications Required

Degree or equivalent in Cybersecurity, Information Technology, or a related field

BENEFICIAL

Certified in Risk and Information Systems Control (CRISC) Certified Information Security Manager (CISM)Certified Information Systems Security Professional (CISSP)

What we offer you?
•    We offer a market leading annual performance bonus (subject to eligibility)
•    Our range of benefits varies by country and includes diverse health plans, initiatives for work-life balance, transportation support, and a flexible holiday plan with additional incentives
•    Your journey with us isn't limited by boundaries; it's propelled by your aspirations. Join us at BAT and become a part of an environment that thrives on internal advancement, where your career progression isn't just a statement – it's a reality we're eager to build together. Seize the opportunity and own your development; your next chapter starts here.
•    You'll have access to online learning platforms and personalized growth programs to nurture your leadership skills
•    We prioritise continuous improvement within a transformative environment, preparing for ongoing changes

WHY JOIN BAT?
We’re one of the few companies named as a Global Top Employer by the Top Employers Institute – certified in offering excellent employee conditions.

Collaboration, inclusion and partnership underpin everything we do here at BAT. We are looking forward to enabling every individual to thrive, regardless of gender, sexual orientation, marital or civil partnership status, gender reassignment, race, religion or belief, colour, nationality, ethnic or national origin, disability, age, skills, experience, education, socio-economic and professional background, veteran status, perspectives and thinking styles. We know that embracing talent from all backgrounds is what makes us stronger and best prepared to meet our business goals.

We see the career breaks as opportunities not obstacles. Through The Global Returners program, we support professionals looking to restart their careers after an extended absence from the workforce (e.g. time out caring for family, parental leave, national service, sabbatical and/or starting an own venture).

Come bring your difference and see what is possible for you at BAT. Learn more about our culture and our award winning employee experience here.

If you require any reasonable adjustments or accommodations to help you perform at your best during the recruitment process, you are encouraged to notify us. We are fully committed to support you by making appropriate arrangements for you to demonstrate your full potential.