Senior Specialist, Compliance & Risk Management  


Life at U Mobile

We are Passionate, Innovative, Trustworthy, Team-Oriented & Fun-Loving.

At U Mobile, we are always on the lookout for great talents and passionate individuals to join our growing team.
Let’s start your journey with an award-winning organization!

#UnbeatableCareerAwaits

Top Reasons To Join Us!
•  Awarded For
    o Most Preferred Employers in Telecommunication Industry (2022, 2023 & 2024)
    o Bronze Winner in Cross-Generational Workforce Engagement (2024)
    o Gold Winner for Excellence in Workplace Culture (2021)
•  Comprehensive medical, dental, optical and insurance benefits
•  Flexi working hours arrangements
•  Staff Line & Device Subsidy
•  Smart Casual Attire
•  Child Parental Care Leave
•  Convenient location with access to public transport (Imbi Monorail/Bukit Bintang MRT)
•  Special employee discounts for selected F&B Brands

Job Summary

Responsible for ensuring compliance with regulatory, industry, and internal governance requirements across IT and network environments. Supports risk management, audit readiness, and internal control effectiveness aligned with standards such as MCMC, PDPA, ISO 27001, ISO 22301, PCI DSS, and NIST. Works closely with cross-functional teams to identify risks, track compliance gaps, and drive remediation actions, while providing governance reporting and supporting continuous improvement of security and operational controls.

The Day-To-Day Activities

Compliance Oversight
  • Ensure compliance with regulatory and industry requirements such as MCMC, PDPA, ISO 27001, ISO 22301, and PCI DSS.
  • Support audits for IT infrastructure, core network, firewall systems, and network platforms.
  • Support the maintenance of IT and network governance policies, standards, and controls.
  • Track audit findings and follow up on closure actions.
Technology & Network Risk Management
  • Identify and assess risks related to IT systems and telecom core platforms.
  • Maintain risk registers covering cybersecurity, outages, capacity, vendor, and system risks.
  • Support risk assessments for critical systems, infrastructure, and cloud environments.
Internal Controls & Monitoring
  • Support implementation of controls aligned with ISO 27001, NIST, and telco operational standards.
  • Conduct reviews on access management, vulnerability management, system changes, and security monitoring.
  • Review system logs, alerts, and change records to ensure compliance requirements are met.
Policy & Governance
  • Support the development and maintenance of IT and network governance policies and standards.
  • Support governance and audit-related activities.
Incident & Compliance Management
  • Assess compliance gaps and control weaknesses related to incidents or outages.
  • Participate in investigations involving cybersecurity incidents and service disruptions.
  • Review RCA reports to ensure compliance requirements are addressed.
Vendor & Regulatory Compliance
  • Assess risks related to vendors, third parties, and managed service providers.
  • Support regulatory audits, reporting, and compliance activities.
Reporting & Stakeholder Management
  • Prepare compliance and risk reports for management.
  • Work closely with IT, Network, Cybersecurity, and regulatory teams.
  • Support compliance awareness and training activities.

About You
  • Bachelor’s degree in Information Technology, Telecommunications, Engineering, Cybersecurity, or a related field.
  • Master’s degree is an added advantage.
  • Minimum 8 years of experience in compliance, risk, audit, governance, or cybersecurity within IT or telecommunications environments.
  • Professional certifications such as ISO 27001 LA/LI, CRISC, CISM, CCNA/CCNP, ITIL, COBIT, or 4G/5G core certifications are an added advantage.
  • Strong understanding of telecom core networks, IT infrastructure, network security, EPC/5GC, virtualization, and cloud technologies.
  • Knowledge of governance and risk frameworks such as ISO 27001 and NIST.
  • Ability to review technical logs, configurations, and system documentation.
  • Strong analytical, risk assessment, and problem-solving skills.
  • Good communication, stakeholder management, and collaboration abilities.
  • High integrity, accountability, and a proactive mindset with willingness to learn new technologies and regulations.

  Spoken Language:  Malay, English

  Written Language:  Malay, English

What’s Next?
Once you have applied online, our team will review your application. Due to a high volume of applications, only shortlisted candidates will be notified.