Who are we

Frencken Group Limited (FGL) is a Global Integrated Technology Solutions Company focusing on the Aerospace, Analytical, Automotive, Healthcare, Industrial, Industrial Automation, Life sciences and Semiconductor segments. Offering global integrated design, prototyping, NPI, manufacturing and supply chain solutions. Frencken's success is attributed to its technology, operations excellence and employees, and the quality of its leadership.

This position will be based at Georgetown, Penang, Malaysia (Frencken Corporate Office).

Job Responsibilities:

1. Lead the End-to-End Certification and Compliance for Industrial Standards

Drive the strategic planning, implementation and maintenance of industrial certifications, such as ISO 27001, in collaboration with external consultants and internal stakeholders.
Establish project timelines and provide regular status updates to leadership teams to ensure on-track execution.
Ensure continuous compliance by embedding necessary controls, periodic review and improvement measures in line with the latest revisions.

2. Policy Governance and Compliance Framework

Co-develop, review and maintain policy frameworks in alignment with applicable industrial and regulatory standards.
Establish and manage the structure, process and documentation as required by internal policies and external certifications.
Draft, review and update governance documents including policies, Standard Operating Procedures (SOPs), work instructions and the associated compliance manuals.
Lead internal and external audit requirements to ensure coordination across Local IT resources and business units.
Chair the Change Management Review Committee for compliance domains, overseeing impact analysis and approval for recommended policy/process changes.
Design and deliver security awareness training modules and campaigns to enhance the organization's security awareness and foster a culture of compliance.

3. Cybersecurity Operations Governance

Oversee third-party security operators in areas such as endpoint, firewall, Active Directory, and other applications, as required under the compliance requirements.
Design and maintain a real-time Global Cyber Risk Dashboard with regular reporting to the leadership team.
Coordinate cross-functional remediation efforts to address identified vulnerabilities, collaborating with local IT resources and engineering stakeholders.
Update and deliver internal IT security training and coordinate with relevant stakeholders on awareness programs.
Regularly liaise with internal functions such as Internal Audit, Legal, HR and the business on security matters such as guidance, routine security activities, emerging security risks and control technologies and potential security risk identified.
Liaise with external parties such as regulatory bodies, consultants, legal advisers and other relevant parties on security breach incidence, where applicable.

Job Requirements:

Bachelor's degree in Information Security, Computer Science, Information Systems, Compliance, Quality Management or a related discipline.
Professional certifications, such as ISO 27001 Lead Implementer or Auditor, CISA, ISO 9001 Auditor, and NIST Practitioner, are preferred but not required.
7+ years of hands-on experience in IT or cybersecurity compliance, risk management, operational governance or audit functions.
Preferred certifications in Certified Information Systems Security Professional ("CISSP") and/or Certified Information System Manager ("CISM"), with ISO 27001 Implementor or Auditor experience.
Proven track record in managing industrial certifications end-to-end from planning to audit closure.
Strong knowledge of compliance frameworks, risk management processes and control implementation across industrial environments.
Demonstrated experience engaging with diverse stakeholders across global IT teams, functional departments (e.g., Legal, Internal Audit, HR), and external parties such as auditors, consultants, and regulators.