OneMain Financial Jobs

Suite 7.01A & Suite 7.03 Level 7 Lingkaran Syed Putra Wilayah Persekutuan Kuala Lumpur 59200

Why Valmont

We’re Here to Move the World Forward.

Valmont impacts millions of people around the world every day, yet they might not realize the many ways. Our technology is helping feed the growing population, supplying the world with more reliable energy and access to renewables, enhancing connectivity in remote and urban locations to create a sustainable future and so much more. Simply put, Valmont is advancing agricultural productivity and reimagining vital infrastructure to make life better.

Join a Fortune 1000 company that respects hard work, honors diversity and invests in our employees as we focus on creating the world of tomorrow, today. We are the modern workforce . Are you ready to move the world forward? Apply now.

Primary Responsibilities:

• Maintain the IT risk inventory to track identified issues and risks, including risk acceptances and remediation plans; provide governance, oversight, and reporting on issues and risks.

• Lead the planning, scoping, execution, and documentation of risk management activities associated with technology and technology-related risks including cybersecurity and OT environments.

• Identify, validate, and assess security risks; develop, socialize, and guide engineering and business teams through risk treatment plans.

• Design and build automation for GRC processes including evidence collection, control validations, real-time control effectiveness checks, and broader GRC workflows such as risk register, Third Party Risk assessments, and enterprise systems controls definition.

• Design data pipelines that aggregate and normalize risk-relevant data across enterprise systems to support KRIs, control-maturity insights, and risk dashboards.

• Automate repeatable GRC processes including compliance monitoring, reporting, and evidence loading across multiple data inputs and information systems; set up control attestation and evidence automation workflows and build KRI/KPI scorecards across business units.

• Lead collaboration efforts with IT value stream owners to define and implement effective control activities, processes, and standards and document supporting policies and procedures.

• Consult and assist IT Risk and Control Owners in the planning, design, implementation, operation, maintenance, and remediation of control activities and supporting requirements such as policies, standards, processes, and system configurations.

• Support incident response from a compliance perspective, contributing to analysis, containment, and mitigation strategies; coordinate with Legal on breach notification and regulatory reporting requirements.

Additional Responsibilities:

• Lead security reviews for proposed AI technologies, evaluating risks related to data handling, model behavior, and system integration, aligned to NIST AI RMF and ISO 42001.

• Integrate AI-specific security controls into enterprise governance processes such as procurement, vendor risk management, and software change control.

• Establish measurable indicators of AI risk posture and effectiveness of AI security controls.

• Build dashboards and operational views that present risk trends, control-maturity indicators, and audit-readiness status.

• Serve as the automation SME for troubleshooting, system design, and expanding capabilities; partner with GRC team members to validate expected behavior and troubleshoot gaps.

• Develop and maintain repeatable automation patterns to support consistent vendor onboarding and third-party risk assessments across the organization.

• Contribute to the development and publication of information security policies, standards, and guidelines related to AI and emerging technologies.

Required Qualifications of Every Candidate (Education, Experience, Knowledge, Skills and Abilities):

• Minimum 5 years of experience in information security, risk management, or GRC, with at least 2 years of hands-on experience in security engineering, automation development, AI security, or data security.

• Working knowledge of GRC and cybersecurity frameworks including SOC 2, NIST CSF 2.0, CIS Controls v8, and ISO 27001; familiarity with AI governance frameworks such as NIST AI RMF and ISO 42001; and practical understanding of the Three Lines of Defense model as applied to IT control ownership and risk accountability.

• Experience performing cybersecurity risk assessments, business impact analysis, planning, and reporting; foundational understanding of Risk Management concepts and principles.

• Demonstrated data and automation skills including experience with Power BI, SQL, or Python for data preparation, transformation, and analytics.

• Hands-on experience with one or more GRC automation platforms such as Vanta, Anecdotes, 6clicks, or AuditBoard, including configuring questionnaires, workflows, object models, APIs, and role-based dashboards; experience with ServiceNow IRM/GRC, Jira, and cloud platforms such as Azure or GCP is strongly preferred.

• Must be available for U.S. time zone meetings; flexible/hybrid schedule with ability to work in the office on a regular basis.

• High level of initiative and self-motivation; self-driven and capable of managing priorities independently while maintaining clear communication and alignment.

• Excellent written and verbal communication skills; able to convey complex topics to diverse audiences including executives.

• Problem-solving, critical thinking, and analytical ability; comfortable working in evolving environments and bringing structure to new or ambiguous domains.

• Ability to work independently and as part of a team in a fast-paced, dynamic environment.

Valmont does not discriminate against any employee or applicant in employment opportunities or practices on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, veteran status, disability or any other characteristic protected by law. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

If you have a disability and require any assistance in filling out the application for employment email EEOCompliance@Valmont.com.

2026-06-22

Highly Qualified Candidates Will Also Possess These Qualifications:

• Bachelor’s or Master’s degree in computer science, Computer Engineering, Information Systems, Cybersecurity, or related field.

• Six or more years of experience in information security risk and compliance with a broad knowledge of network, cloud, and enterprise systems.

• Background in manufacturing, industrial technology, or OT/ICS environments; experience at Valmont or similar diversified industrial enterprise is a plus.

• Demonstrated leadership experience developing or scaling security or compliance programs across a diversified enterprise.

• Professional certifications such as CRISC, CISSP, CISM, CISA, AIGP, or equivalent GRC/security credentials.

Valmont is here to modernize vital infrastructure and increase agricultural productivity, sustainably and reliably. We galvanize steel to last a century with minimal environmental impact. We modernize irrigation to feed a growing population by utilizing the latest technology. We harden the electrical grid to enable the delivery of reliable power to millions of homes around the world. And we help make communities everywhere safer, cleaner and more connected through our smart infrastructure technology.

Valmont serves two primary markets — agriculture and infrastructure — and seven diverse product lines: Utility, Lighting and Transportation, Telecom, Solar, Coatings, Irrigation and Ag Tech. We manufacture products in 85 facilities spread across six continents, and we do business in 100 different countries.

That’s what Valmont does. We conserve resources and improve life, finding ways to make innovation and technology beneficial in the real world.

• That’s the value we add.