Governance, Risk & Compliance (GRC) Manager – Certification Authority (CA)

Regulatory Compliance Management

• Ensure compliance with:
• Digital Signature Act 1997
• Malaysian Communications and Multimedia Commission (MCMC) guidelines
• Relevant industry and cybersecurity regulations
• Monitor regulatory updates and implement necessary compliance changes
• Liaise with regulators, government agencies, and relevant authorities

Standards, Certification & Audit Management

• Ensure compliance with international Certification Authority (CA) standards including:
• WebTrust for Certification Authorities
• ETSI EN 319 411
• ISO/IEC 27001
• CA/Browser Forum Baseline Requirements
• Coordinate and manage:
• External audits (e.g., WebTrust audits)
• Internal compliance reviews
• Audit remediation and corrective action plans
• Track audit findings and ensur...