Risk and Compliance Analyst

At NEXTDC we are building the heart of Australia & Asia’s high-tech future. We design, build and operate world class, next generation data centres, using cutting edge, environmentally efficient infrastructure to service the specific requirements of local, international hyperscale customers.

We are establishing a new data centre in PJ, meeting the current and future digital needs of Malaysia by accelerating job skills, direct investment and economic prosperity.

At NEXTDC, we know that our success depends on the talents of our people, and we foster a culture of continued learning and development. Our culture is built on collaboration and innovation, we are passionate about what we do, and we are committed to our mission to be the leading customer-centric data centre services company.

Where Cloud lives and AI thrives

We’re looking for a motivated, detail-oriented Risk & Compliance Analyst to join our global Risk & Compliance team. Based in PJ, Malaysia, you’ll play a key role in supporting our operations worldwide by helping to identify, assess, and manage risks, ensure compliance with laws, regulations, and internal policies, and contribute to enterprise-wide risk management initiatives.

Enterprise Risk & Compliance

• Support the maintenance and ongoing enhancement of the company’s enterprise risk and compliance frameworks
• Facilitate and coordinate risk assessments across all business functions, working closely with stakeholders to identify, assess, document and monitor key risks. This includes supporting business owners in understanding risk exposures, ensuring consistent application of the enterprise risk framework, and contributing to the ongoing maintenance and enhancement of organisational risk registers.
• Guide and support risk owners in the development and implementation of policies, procedures and internal controls to effectively mitigate identified risks.
• Support internal and external audit and assurance activities
• Coordinate with local and global teams to ensure compliance with applicable regulations across all operating jurisdictions.
• Prepare clear and insightful risk and compliance reports for management and key stakeholders.
• Monitor and communicate regulatory and legal developments impacting the global data centre industry.
• Contribute to training and awareness initiatives to promote a strong, risk-aware culture across the organisation.

Third-Party Risk Management (TPRM)

• Support the development and rollout of a robust Third-Party Risk Management (TPRM) framework, aligned with global best practices.
• Conduct risk assessments for suppliers, contractors, and service providers, including operational, financial, cybersecurity, and compliance risks.
• Assist in building and maintaining a comprehensive third-party risk register, capturing risk ratings, contractual obligations, and compliance requirements.
• Work closely with procurement, legal, and operational teams to ensure risk-based due diligence is completed before onboarding new suppliers and during periodic reviews.
• Help establish monitoring and reporting processes to track third-party performance and compliance with contractual and regulatory requirements.
• Support the drafting of policies and procedures to mitigate third-party risks, including areas such as data protection, modern slavery, business continuity, and ethical sourcing.
• Participate in third-party audits, inspections, and remediation activities.
• Provide training and guidance to internal teams on third-party risk awareness, assessment processes, and escalation protocols.
• Contribute to building a risk-aware ecosystem across suppliers and partners, ensuring critical third-party risks are identified and managed before impacting operations.

About you:

• Excellent analytical, organisational, and problem-solving skills.
• Strong communication and interpersonal skills, with the ability to engage effectively with diverse global teams.
• High level of integrity and ability to handle confidential information with discretion.
• Proactive, adaptable, and comfortable navigating evolving regulatory environments.
• Strong cross-cultural awareness and experience working with international stakeholders.

• Bachelor’s degree in Business, Risk Management, or a related discipline.
• 5-6 years of experience in risk management, compliance, audit, or a related role, preferably within the technology or data centre sector.
• Working knowledge of regulatory frameworks and standards relevant to data centres and technology services.
• Strong understanding of risk assessment methodologies and compliance management practices.
• Proficiency in Microsoft Office and experience with risk and compliance management tools.
• Ability to work independently and collaboratively in a fast-paced, multinational environment.
• Professional certification in Risk Management (e.g. CRM, RIMS-CRMP, or equivalent)
• Exposure to international regulatory compliance and corporate governance frameworks.

• A values driven culture built on innovation, collaboration and growth.  
• Inclusive, diverse and values-driven working culture  
• Great opportunities to progress within our company (grow as we grow) 

Our mission is to continue building a diverse and inclusive workforce which represents the communities in which we operate.

Make NEXTDC your next move.