JAAbout Jacky
I’m a strategic and forward-thinking technology risk and cybersecurity leader with over 15 years of experience across global financial institutions and regulated industries. My expertise spans Technology Risk Management, Business Continuity, Cybersecurity, and IT Governance, with a proven track record of building resilient frameworks and leading enterprise-wide initiatives.
Currently serving as Head of Technology Risk & BCM and Chief Information Security Officer (CISO) at Kenanga Investment Bank, I lead risk strategy, cybersecurity policy, and business continuity planning aligned with global standards such as ISO 27001, NIST, GDPR, and BNM RMiT.
My career journey includes impactful roles at Bank of China, Commerzbank Group, AmBank, QTerminals, and The ICSS, where I’ve:
Led cross-border audits and regulatory engagements
Designed and implemented governance frameworks
Advised on emerging tech risks including AI, quantum computing, and digital assets
Managed cybersecurity incident response and resilience strategies
I’m also an active contributor to the professional community as a Board Member of ISACA Malaysia Chapter, helping shape the future of IT governance and cyber resilience in the region.
Malay
Native or bilingual
English
Fluent
Chinese
Native or bilingual
Remote only
Primarily works remotely
Experience
- Kenanga GroupHead Tech. Risk and BCMJanuary 2025 - Today (1 year and 5 months)Kuala Lumpur, Federal Territory of Kuala Lumpur, MalaysiaLead and oversee the Group's Technology Risk Management, focusing on establishing robust governance and control frameworks to effectively identify, assess, and mitigate technology risks. Ensure that all technology risks are managed within the approved risk appetite and are fully compliant with internal policies, industry best practices, and regulatory requirements. Serve as the Group's Chief Information Security Officer (CISO), responsible for
- Bank of China (Malaysia) BerhadDeputy Director - Technology Risk ManagementNovember 2022 - January 2025 (2 years and 2 months)Kuala Lumpur, Federal Territory of Kuala Lumpur, MalaysiaEnsure the effective implementation and enforcement of TRM and IT policies, frameworks, and other technology-related regulatory requirements to safeguard the organization's technology environment. Develop and maintain a robust cybersecurity incident response framework to enhance resilience and guide response efforts during incidents. Additionally, support and coordinate investigations of information security incidents, ensuring an effective response that minimizes impact and risk.
- Commerz Trade Services (a subsidiary of Commerzbank Group)Chief of Information Security Officer | Head of IT Security | Data Protection OfficerDecember 2021 - November 2022 (11 months)Kuala Lumpur, Federal Territory of Kuala Lumpur, MalaysiaResponsible for developing and implementing the Group's Organization and Security strategy, ensuring the effective delivery of organizational functions and the provision of comprehensive information and physical security services to Commerz Trade Services KL. Strategic initiatives are aligned with global standards while maintaining compliance with local regulatory and legal requirements.
Recommendations
Be the first to recommend Jacky
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- ISO 9001:2015 QMS Lead Auditor Microsoft Office Specialist (MOS) Master Hacker Techniques, Exploits and Incident Handling IC3 COBIT2019ISO 9001:2015 QMS Lead Auditor Microsoft Office Specialist (MOS) Master Hacker Techniques, Exploits and Incident Handling IC3 COBIT
- Master of ICT ManagementAsia e University2015Master of ICT Management