Experience: 3 to 5 years
Open to only MALAYSIANS and available immediately.
Hybrid - 3 days WFO & 2 days WFH
Duties & Accountabilities
•Analyze system architecture and design controls – Vulnerability Assessments, Policy Compliance Checks(Security Hardening).
•Perform recurring and on-demand security risk assessments of organization systems and cloud environments,report findings, and recommend pragmatic remediation strategies.
•Assist central team in resolving information security incidents, including targeted threats and internalincidents.
•Maintain documentation regarding vulnerability management, including policies and procedures.
•Improve and automate existing vulnerability management systems.
•Research and assess emerging security threats and vulnerabilities.
•Provide technical support for vulnerability management projects.
•Communicate the risks of identified vulnerabilities and recommend security controls to mitigate them.
•Design and execute Security Awareness Programmes.
Requirements
•Bachelor’s degree in Computer Science, Information Security, or a related field.
•3 - 5 years of hands-on experience in information security, compliance, audit and/or risk management in atechnology environment.
•3 - 5 years of hands-on experience in vulnerability management and compliance monitoring.
•Security-related certifications, e.g. CISA, CISSP, CRISC is preferred.
•Must have:
✓ In-depth knowledge of information security best practices, standards and frameworks.
✓ Knowledge of security control frameworks and standards such as SOC2, ISO 27001, NIST, etc.
✓ Experience with IT controls monitoring for regulatory and compliance requirements.
✓ Experience in vulnerability scanning, penetration testing, network admission control, and/or SIEM.
✓ Strong technical understanding of business processes, risk management, IT controls and relatedstandards.
✓ Experience facilitating external assessments, such as security audits or regulatory inquiries.
✓ Knowledge of OWASP tools and methodologies.
✓ Excellent written and verbal communication skills. The analyst needs to engage and coordinate withvarious stakeholders.
•Good to have:
✓ Experience in design and implementation of security technologies.
✓ Experience with Application Security Architecture and authorization approaches (role-based accesscontrol, tier controls, etc).
✓ Knowledge of vulnerability data management and reporting process automation.
✓ Knowledge of technical concepts such as cloud computing, automation, networking, and applicationdevelopment.
✓ Experience securing cloud-first environments.
✓ Experience with visualization tools, e.g. Power BI
✓ Familiar with ServiceNow and Google Workspace.
Job Types: Full-time, Contract
Contract length: 12 months
Pay: RM3,107.55 - RM10,860.76 per month
Benefits:
- Health insurance
- Professional development
Schedule:
- Monday to Friday
Work Location: In person
