全职 Governance, Risk - Compliance (GRC) Manager – Certification Authority (CA) 工作, 薪水 up to MYR 10,000, Vista Kencana Federal Territory 公司招聘中 - Ricebowl

Regulatory Compliance Management

• Ensure compliance with: 
• Digital Signature Act 1997 
• Malaysian Communications and Multimedia Commission (MCMC) guidelines 
• Relevant industry and cybersecurity regulations 
• Monitor regulatory updates and implement necessary compliance changes 
• Liaise with regulators, government agencies, and relevant authorities
  

Standards, Certification & Audit Management

• Ensure compliance with international Certification Authority (CA) standards including: 
• WebTrust for Certification Authorities 
• ETSI EN ************* 
• ISO/IEC 27001 
• CA/Browser Forum Baseline Requirements 
• Coordinate and manage: 
• External audits (e.g., WebTrust audits) 
• Internal compliance reviews 
• Audit remediation and corrective action plans 
• Track audit findings and ensure timely resolution
  

Policy & Governance Management

• Develop, review, and maintain governance documents including: 
• Certificate Policy (CP) 
• Certification Practice Statement (CPS) 
• Compliance policies and operational procedures 
• Ensure documentation aligns with regulatory and industry standards 
• Manage document versioning, publication, and repository obligations
  

Risk & Compliance Monitoring

• Conduct compliance and operational risk assessments 
• Monitor adherence to: 
• Certificate issuance and revocation processes 
• Key management procedures 
• Cryptographic and security controls 
• Identify compliance gaps and implement corrective actions and process improvements
  

Operational Oversight (Trust Services)

• Oversee governance and compliance of trust service operations including: 
• Identity verification and eKYC processes 
• Digital certificate issuance, renewal, and revocation 
• Key lifecycle management and cryptographic controls 
• Coordinate incident response and breach management activities 

Reporting & Stakeholder Management

• Prepare compliance and governance reports for senior management 
• Monitor SLA performance with partners and customers 
• Act as the primary liaison for auditors, regulators, enterprise clients, and relying parties when required 
• Support customer due diligence and compliance assurance activities