124 Ciso jobs in Malaysia

List of Responsibilities:

• Ongoing leadership and review of IT security

• Implementing and designing cyber security policies, procedures and system solutions in line with industry standards and certifications

• Operate, conduct, and maintain DUG’s SIEM platform and conduct regular security audits of systems, policies, procedures, network configuration, operating systems, authentication systems, permission structures

• Serve as the DUG point person for third-party security audit(s)

• Provide pre-sales security briefings / Q&A to DUG HPC Cloud customer security teams

• Work with DUG HPC Cloud customers and DUG teams on security integration

• Provide strategic-level guidance for DUG’s cyber security program and ensure compliance with cyber security policy, standards, regulations and legislation, working with the senior executives within DUG.

• Ensure the alignment of cyber security and business objectives within DUG. To achieve this, you will facilitate communication between cyber security and business stakeholders. This includes translating cyber security concepts and language into business concepts and language as well as ensuring that business teams consult with cyber security teams to determine appropriate security measures when planning new business projects. Additionally, you will be responsible for the development of the strategic-level cyber security program, being best placed to advise projects on the strategic direction of cyber security.

• Contribute to the development and maintenance of DUG’s business continuity and disaster recovery plans, with the aim to improve business resilience and ensure the continued operation of critical business processes

• Report on the DUG’s security risk profile, the status of key systems and any outstanding security risks, any planned cyber security uplift activities, any recent cyber security incidents, and expected returns on cyber security investments

• Oversee DUG’s response to cyber security incidents, including how internal teams respond and communicate with each other during an incident

• Ensure that a consistent vendor management process is applied across their organisation, from discovery through to ongoing management

#J-18808-Ljbffr

We are looking for an experienced Information Security Officer to design and enforce policies and procedures that protect our organization's computing infrastructure from all forms of security breaches. To be successful as an information security officer, you should have good analytical skills and knowledge of the best practices to prevent a wide range of security threats. You should also be an excellent communicator, able to train and educate our staff in various information security topics.

If you are passionate about IT security and want to work with a dynamic team of professionals, we encourage you to apply for this exciting opportunity. We offer competitive salaries and benefits packages, as well as opportunities for professional growth and development.

Key Activities :

1. Developing and implementing IT security policies, procedures, and standards
2. Identifying potential security risks and vulnerabilities and taking appropriate action to mitigate them
3. Conducting regular security assessments to identify weaknesses in our systems and processes
4. Developing and implementing security incident response plans
5. Managing and monitoring security systems, including firewalls, intrusion detection/prevention systems, and anti-virus software
6. Conducting regular security training for employees to ensure they are aware of the latest security threats and how to respond to them
7. Investigating security incidents and breaches and taking appropriate action to prevent them from happening again
8. Staying up to date with the latest security technologies and trends

Formal Education :

Degree in computer science or a technology-related field.

Specialist Knowledge :

Minimum 3 years of experience as an ISO or in a similar information security role.

Detailed Requirements for each career level (each Functional Level separately)

1. Solid knowledge of global information security standards (e.g. NIST, ISO 27001), best practices and requirements from major regulators in the financial sector (e.g. MAS, BaFin)
2. Solid knowledge of data protection standards (e.g. NIST, GDPR)
3. Excellent problem-solving and analytical skills.
4. Ability to educate a non-technical audience about various security measures.
5. Effective verbal and written communication skills
6. Candidates with professional certifications such as CISA, CISM, CRISC, CISSP and other Cyber Security certifications are preferred.

Seniority level

Mid-Senior level

Employment type

Full-time

Job function

Management, Business Development, and Information Technology

Industries

Banking

#J-18808-Ljbffr

We are looking for an experienced Information Security Officer to design and enforce policies and procedures that protect our organization's computing infrastructure from all forms of security breaches. To be successful as an information security officer, you should have good analytical skills and knowledge of the best practices to prevent a wide range of security threats. You should also be an excellent communicator, able to train and educate our staff in various information security topics.

If you are passionate about IT security and want to work with a dynamic team of professionals, we encourage you to apply for this exciting opportunity. We offer competitive salaries and benefits packages, as well as opportunities for professional growth and development.

Key Activities :

1. Developing and implementing IT security policies, procedures, and standards
2. Identifying potential security risks and vulnerabilities and taking appropriate action to mitigate them
3. Conducting regular security assessments to identify weaknesses in our systems and processes
4. Developing and implementing security incident response plans
5. Managing and monitoring security systems, including firewalls, intrusion detection/prevention systems, and anti-virus software
6. Conducting regular security training for employees to ensure they are aware of the latest security threats and how to respond to them
7. Investigating security incidents and breaches and taking appropriate action to prevent them from happening again
8. Staying up to date with the latest security technologies and trends

Formal Education :

Degree in computer science or a technology-related field.

Specialist Knowledge :

Minimum 3 years of experience as an ISO or in a similar information security role.

Detailed Requirements for each career level (each Functional Level separately)

1. Solid knowledge of global information security standards (e.g. NIST, ISO 27001), best practices and requirements from major regulators in the financial sector (e.g. MAS, BaFin)
2. Solid knowledge of data protection standards (e.g. NIST, GDPR)
3. Excellent problem-solving and analytical skills.
4. Ability to educate a non-technical audience about various security measures.
5. Effective verbal and written communication skills
6. Candidates with professional certifications such as CISA, CISM, CRISC, CISSP and other Cyber Security certifications are preferred.

Seniority level

Mid-Senior level

Employment type

Full-time

Job function

Management, Business Development, and Information Technology

Industries

Banking

#J-18808-Ljbffr

List of Responsibilities: Ongoing leadership and review of IT security

Implementing and designing cyber security policies, procedures and system solutions in line with industry standards and certifications

Operate, conduct, and maintain DUG’s SIEM platform and conduct regular security audits of systems, policies, procedures, network configuration, operating systems, authentication systems, permission structures

Serve as the DUG point person for third-party security audit(s)

Provide pre-sales security briefings / Q&A to DUG HPC Cloud customer security teams

Work with DUG HPC Cloud customers and DUG teams on security integration

Provide strategic-level guidance for DUG’s cyber security program and ensure compliance with cyber security policy, standards, regulations and legislation, working with the senior executives within DUG.

Ensure the alignment of cyber security and business objectives within DUG. To achieve this, you will facilitate communication between cyber security and business stakeholders. This includes translating cyber security concepts and language into business concepts and language as well as ensuring that business teams consult with cyber security teams to determine appropriate security measures when planning new business projects. Additionally, you will be responsible for the development of the strategic-level cyber security program, being best placed to advise projects on the strategic direction of cyber security.

Contribute to the development and maintenance of DUG’s business continuity and disaster recovery plans, with the aim to improve business resilience and ensure the continued operation of critical business processes

Report on the DUG’s security risk profile, the status of key systems and any outstanding security risks, any planned cyber security uplift activities, any recent cyber security incidents, and expected returns on cyber security investments

Oversee DUG’s response to cyber security incidents, including how internal teams respond and communicate with each other during an incident

Ensure that a consistent vendor management process is applied across their organisation, from discovery through to ongoing management

#J-18808-Ljbffr

We are looking for an experienced Information Security Officer to design and enforce policies and procedures that protect our organization's computing infrastructure from all forms of security breaches. To be successful as an information security officer, you should have good analytical skills and knowledge of the best practices to prevent a wide range of security threats. You should also be an excellent communicator, able to train and educate our staff in various information security topics. If you are passionate about IT security and want to work with a dynamic team of professionals, we encourage you to apply for this exciting opportunity. We offer competitive salaries and benefits packages, as well as opportunities for professional growth and development. Key Activities :

Developing and implementing IT security policies, procedures, and standards Identifying potential security risks and vulnerabilities and taking appropriate action to mitigate them Conducting regular security assessments to identify weaknesses in our systems and processes Developing and implementing security incident response plans Managing and monitoring security systems, including firewalls, intrusion detection/prevention systems, and anti-virus software Conducting regular security training for employees to ensure they are aware of the latest security threats and how to respond to them Investigating security incidents and breaches and taking appropriate action to prevent them from happening again Staying up to date with the latest security technologies and trends Formal Education :

Degree in computer science or a technology-related field. Specialist Knowledge :

Minimum

3 years of experience

as an ISO or in a similar information security role. Detailed Requirements for each career level (each Functional Level separately)

Solid knowledge of global information security standards (e.g. NIST, ISO 27001), best practices and requirements from major regulators in the financial sector (e.g. MAS, BaFin) Solid knowledge of data protection standards (e.g. NIST, GDPR) Excellent problem-solving and analytical skills. Ability to educate a non-technical audience about various security measures. Effective verbal and written communication skills Candidates with professional certifications such as CISA, CISM, CRISC, CISSP and other Cyber Security certifications are preferred. Seniority level

Mid-Senior level Employment type

Full-time Job function

Management, Business Development, and Information Technology Industries

Banking

#J-18808-Ljbffr

We are looking for an experienced Information Security Officer to design and enforce policies and procedures that protect our organization's computing infrastructure from all forms of security breaches. To be successful as an information security officer, you should have good analytical skills and knowledge of the best practices to prevent a wide range of security threats. You should also be an excellent communicator, able to train and educate our staff in various information security topics. If you are passionate about IT security and want to work with a dynamic team of professionals, we encourage you to apply for this exciting opportunity. We offer competitive salaries and benefits packages, as well as opportunities for professional growth and development. Key Activities :

Developing and implementing IT security policies, procedures, and standards Identifying potential security risks and vulnerabilities and taking appropriate action to mitigate them Conducting regular security assessments to identify weaknesses in our systems and processes Developing and implementing security incident response plans Managing and monitoring security systems, including firewalls, intrusion detection/prevention systems, and anti-virus software Conducting regular security training for employees to ensure they are aware of the latest security threats and how to respond to them Investigating security incidents and breaches and taking appropriate action to prevent them from happening again Staying up to date with the latest security technologies and trends Formal Education :

Degree in computer science or a technology-related field. Specialist Knowledge :

Minimum

3 years of experience

as an ISO or in a similar information security role. Detailed Requirements for each career level (each Functional Level separately)

Solid knowledge of global information security standards (e.g. NIST, ISO 27001), best practices and requirements from major regulators in the financial sector (e.g. MAS, BaFin) Solid knowledge of data protection standards (e.g. NIST, GDPR) Excellent problem-solving and analytical skills. Ability to educate a non-technical audience about various security measures. Effective verbal and written communication skills Candidates with professional certifications such as CISA, CISM, CRISC, CISSP and other Cyber Security certifications are preferred. Seniority level

Mid-Senior level Employment type

Full-time Job function

Management, Business Development, and Information Technology Industries

Banking

#J-18808-Ljbffr

You desire impactful work.

You’re RGA ready

RGA is a purpose-driven organization working to solve today’s challenges through innovation and collaboration. A Fortune 500 Company and listed among its World’s Most Admired Companies , we’re the only global reinsurance company to focus primarily on life- and health-related solutions. Join our multinational team of intelligent, motivated, and collaborative people, and help us make financial protection accessible to all.

A Brief Overview

Lead, manage and direct the Regional Security Architecture, Engineering, Operations, Governance, Risk, Compliance and Security Incident Response teams and processes. Act as the operational executive responsible for delivering all security capabilities in the geographic region, necessary to protect the global RGA enterprise while maintaining contractual and regulatory requirements. Oversee and deliver the continually improving security capabilities regionally in support of RGA regional subsidiaries and global security requirements. Communicate and collaborate with and brief senior Security, IT and business leaders to ensure efficient and effective delivery of global security services in the region while aligning with global security and risk management standards. Participate as the primary RGA leader responsible for leading and coordinating the delivery of all security capabilities in the region with the goal of minimizing associated potential business impacts.

What you will do

• Lead a senior team to develop, implement and continually enhance regional security architecture, engineering, governance, risk, compliance and incident response capabilities.
• Support global policies and standards; proposes changes to existing policies, standards and procedures; directs implementation of policies, standards and procedures in the region to ensure effective security and risk management outcomes.
• Drive regional development and deployment of security capabilities, architectural implementation, configuration, risk management, data collection and analysis as well as logging and alerting requirements for the RGA enterprise.
• Enhance existing regional security and risk management capabilities through a mix of people, processes and technologies which increase capability maturity and reduce the likelihood that threat actors will circumvent security capabilities within the region.
• Provide expansive information security expertise in the diagnosis of control requirements shortfalls, identification of business risks, evaluation of solution alternatives and delivery of systems solutions to assist in the identification, prevention, detection, response, and eradication of threat activity within the region.
• Serve as a key advisor for information security, data privacy, disaster recovery, and physical security for RGA on trends and emerging risks within the region.
• Represent Global Security, Governance, Risk Management, Security Operations, and Incident Response advocating for information security, data privacy, disaster recovery, and physical security best practices working with all other appropriate stakeholders.
• Lead, manage and direct the activities of department management in all aspects of supervisory duties, including, but not limited to hiring, training, evaluating, coaching, and disciplining direct reports. Foster a positive and engaged work environment. Mentor associates and give guidance on associate development.

Qualifications

• Bachelor’s Degree in Arts/Sciences (BA/BS)
• Master’s degree in Arts/Sciences (MA/MS) is preferred
• 10+ Years progressive professional experience evaluating, delivering, and/or managing in a complex IT environment(s) as well as people management experience
• 15+ Years professional experience including 7 years working in a complex, global corporation
• 15+ Years professional experience in information security
• 3+ Years experience in technology architecture and development
• 3+ Years experience engaging with and defeating advanced threat actors
• Experience as a security technology leader with implementation skills
• Leadership skills with an ability to inspire security teams through curiosity and a passion for engaging with and stopping threat actors from exploiting organizations
• Ability to work creatively and analytically in a problem-solving environment
• Knowledge of Information Security technologies, markets and vendors
• Knowledge in the field of information systems security, including such areas as identity and access management, security operations, incident response, security program policies, processes and procedures and various supporting security technologies
• Persuasion skills when working with internal and external partners to resolve issues/problems
• Ability to make timely and effective decisions and produce results through strategic planning and the implementation and evaluation of programs and policies
• Project management skills. Demonstrates ability to evaluate project objectives and scope feasibility, gain understanding, schedule resources, and manage budget to plan
• Oral and written communication skills, demonstrating the ability to convey business terminology that is meaningful and well received
• People management skills, demonstrating an ability to lead, mentor and develop associates
• Facilitation skills with the ability to lead virtual teams to desired outcomes and obtain buy-in from senior leadership on deliverables
• Analytical and problem-solving skills
• Ability to work well within and manage a team
• Certified Information Systems Security Professional or similar (e.g. CISSP, ISC or CISM) Required

What you can expect from RGA:

• Gain valuable knowledge from and experience with diverse, caring colleagues around the world.
• Enjoy a respectful, welcoming environment that fosters individuality and encourages pioneering thought.
• Join the bright and creative minds of RGA, and experience vast, endless career potential.

#J-18808-Ljbffr

You desire impactful work.

You’re

RGA ready RGA is a purpose-driven organization working to solve today’s challenges through innovation and collaboration. A Fortune 500 Company and listed among its

World’s Most Admired Companies , we’re the only global reinsurance company to focus primarily on life- and health-related solutions. Join our multinational team of intelligent, motivated, and collaborative people, and help us make financial protection accessible to all. A Brief Overview

Lead, manage and direct the Regional Security Architecture, Engineering, Operations, Governance, Risk, Compliance and Security Incident Response teams and processes. Act as the operational executive responsible for delivering all security capabilities in the geographic region, necessary to protect the global RGA enterprise while maintaining contractual and regulatory requirements. Oversee and deliver the continually improving security capabilities regionally in support of RGA regional subsidiaries and global security requirements. Communicate and collaborate with and brief senior Security, IT and business leaders to ensure efficient and effective delivery of global security services in the region while aligning with global security and risk management standards. Participate as the primary RGA leader responsible for leading and coordinating the delivery of all security capabilities in the region with the goal of minimizing associated potential business impacts. What you will do Lead a senior team to develop, implement and continually enhance regional security architecture, engineering, governance, risk, compliance and incident response capabilities. Support global policies and standards; proposes changes to existing policies, standards and procedures; directs implementation of policies, standards and procedures in the region to ensure effective security and risk management outcomes. Drive regional development and deployment of security capabilities, architectural implementation, configuration, risk management, data collection and analysis as well as logging and alerting requirements for the RGA enterprise. Enhance existing regional security and risk management capabilities through a mix of people, processes and technologies which increase capability maturity and reduce the likelihood that threat actors will circumvent security capabilities within the region. Provide expansive information security expertise in the diagnosis of control requirements shortfalls, identification of business risks, evaluation of solution alternatives and delivery of systems solutions to assist in the identification, prevention, detection, response, and eradication of threat activity within the region. Serve as a key advisor for information security, data privacy, disaster recovery, and physical security for RGA on trends and emerging risks within the region. Represent Global Security, Governance, Risk Management, Security Operations, and Incident Response advocating for information security, data privacy, disaster recovery, and physical security best practices working with all other appropriate stakeholders. Lead, manage and direct the activities of department management in all aspects of supervisory duties, including, but not limited to hiring, training, evaluating, coaching, and disciplining direct reports. Foster a positive and engaged work environment. Mentor associates and give guidance on associate development. Qualifications Bachelor’s Degree in Arts/Sciences (BA/BS) Master’s degree in Arts/Sciences (MA/MS) is preferred 10+ Years progressive professional experience evaluating, delivering, and/or managing in a complex IT environment(s) as well as people management experience 15+ Years professional experience including 7 years working in a complex, global corporation 15+ Years professional experience in information security 3+ Years experience in technology architecture and development 3+ Years experience engaging with and defeating advanced threat actors Experience as a security technology leader with implementation skills Leadership skills with an ability to inspire security teams through curiosity and a passion for engaging with and stopping threat actors from exploiting organizations Ability to work creatively and analytically in a problem-solving environment Knowledge of Information Security technologies, markets and vendors Knowledge in the field of information systems security, including such areas as identity and access management, security operations, incident response, security program policies, processes and procedures and various supporting security technologies Persuasion skills when working with internal and external partners to resolve issues/problems Ability to make timely and effective decisions and produce results through strategic planning and the implementation and evaluation of programs and policies Project management skills. Demonstrates ability to evaluate project objectives and scope feasibility, gain understanding, schedule resources, and manage budget to plan Oral and written communication skills, demonstrating the ability to convey business terminology that is meaningful and well received People management skills, demonstrating an ability to lead, mentor and develop associates Facilitation skills with the ability to lead virtual teams to desired outcomes and obtain buy-in from senior leadership on deliverables Analytical and problem-solving skills Ability to work well within and manage a team Certified Information Systems Security Professional or similar (e.g. CISSP, ISC or CISM) Required What you can expect from RGA: Gain valuable knowledge from and experience with diverse, caring colleagues around the world. Enjoy a respectful, welcoming environment that fosters individuality and encourages pioneering thought. Join the bright and creative minds of RGA, and experience vast, endless career potential.

#J-18808-Ljbffr

Joining Razer will place you on a global mission to revolutionize the way the world games. Razer is a place to do great work , offering you the opportunity to make an impact globally while working across a global team located across 5 continents. Razer is also a great place to work, providing you the unique, gamer-centric #LifeAtRazer experience that will put you in an accelerated growth, both personally and professionally.

Job Responsibilities : We are looking for a skilled and analytical Information Security Analyst to join our team. In this role, you’ll be at the forefront of protecting our systems by identifying vulnerabilities, responding to threats, and continuously improving our security posture.

This position offers valuable hands-on experience in cybersecurity. If you're eager to learn and build a career in this field, we encourage you to apply.

Essential Duties and Responsibilities

• Conduct vulnerability assessments and provide actionable remediation plans
• Perform penetration testing on networks, applications, and infrastructure.
• Review and optimize firewall rules and configurations.
• Monitor, analyze, and respond to security events and incidents, ensuring timely resolution and root cause analysis
• Investigate and respond to security incidents in a timely manner.
• Review and validate bug bounty submissions, coordinating with researchers and internal teams.
• Collaborate with IT, DevOps, and compliance teams to implement security best practices.
• Collaborate closely with business units to provide expert support and guidance on information security matters.
• Champion security awareness initiatives within the business, promoting a culture of security consciousness and best practices.
• Perform ad hoc tasks that are assigned by team leader or team manager.

Requirements

• Candidate must possess at least a Bachelor's Degree, Post Graduate Diploma, Professional Degree, Computer Science/Information Technology/Security or equivalent. (candidates with relative levels of related experience will be considered).
• At least 3-5 years of hands-on working experience in cybersecurity, ethical hacking or information/IT security is required for this position.
• Possession of industry-relevant certifications such as CompTIA Security+, CEH, OSCP, or similar will be advantageous.
• For lead roles, experience in people management, ability to lead and influence people is expected.
• Hands-on experience with tools such as Burp Suite, Metasploit, Nessus, Qualys, Splunk, and SIEM platforms.
• Strong understanding of network protocols, web application security, and threat detection.
• Knowledge of AWS Cloud Computing services and experience with Linux servers is essential.
• Independent with excellent analytical skills, a problem-solving attitude, and the ability to work well in a team environment.
• Applicants must be willing to work in ICITY SHAH ALAM.

Are you game?

Pre-Requisites :

Are you game?

#J-18808-Ljbffr