937 Cybersecurity jobs in Malaysia

Associate - Cybersecurity (Group Cybersecurity)

Petaling Jaya, Selangor MYR80000 - MYR120000 Y Sunway Berhad

Posted today

Job Viewed

Tap Again To Close

Job Description

Join our dynamic Technology Cyber Security and Red Team to explore the cutting edge of offensive cybersecurity. This role focuses on open-source tool exploration, scripting, developing tools for phishing, security incidents, penetration testing, and offensive security research. You'll work in a hands-on environment, contributing to vital projects while developing your skills in cybersecurity innovation.

Duties and Responsibilities:

  • Offensive Security Research: Explore and analyze open-source tools and methodologies in offensive security.
  • Scripting and Tool Development: Create scripts and tools for phishing simulations, security incident response, and penetration testing.
  • Penetration Testing and Vulnerability Analysis: Assist in conducting penetration tests and vulnerability assessments when needed , identifying potential security risks together with Digital Hub team .
  • Phishing Simulation and Incident Response: Develop and conduct phishing simulation campaigns and support incident response scenarios.
  • Project Management and Documentation: Manage project timelines, ensure thorough documentation, and coordinate among different team components.
  • Stay up-to-date on the latest security threats and vulnerabilities.

Requirements:

  • Degree in Computer Science, Cybersecurity, Information Technology, or a related field.
  • Basic understanding of cybersecurity principles and eagerness to learn.
  • Familiarity with programming/scripting languages (Python, Bash, etc.).
  • Basic knowledge of network and application security.
  • Strong understanding of network security concepts, TCP/IP protocols, and common vulnerabilities.
  • Experience with penetration testing tools (e.g., Burp Suite, Metasploit, Nmap).
  • Excellent problem-solving and analytical skills.
  • Strong organizational and communication abilities.
  • Curiosity and passion for cybersecurity

Added Advantages:

  • Experience with Capture the Flag (CTF) competitions.
  • Engagement with platforms like Tryhackme, Hackthebox, PentestLab and etcs.
  • Active participation in cybersecurity communities and conferences.

What We Offer:

  • A collaborative and innovative environment.
  • Hands-on experience with real-world cybersecurity challenges.
  • Guidance and mentorship from industry experts.
  • Opportunity to contribute to impactful cybersecurity projects.

Benefits:

  • Hybrid and flexible working arrangement
  • Leaves: Annual Leave, Medical Leave, Hospitalization Leave, Special Leave.
  • Medical Benefits – Sunway Medical Insurance for Outpatient & Inpatient inclusive for dependents.
  • Dental and Optical benefits.
  • Group Term Life & Personal Accident Insurance Scheme.
  • Executive Health Screening for confirmed executive.
  • Salary increment based on individual performance.
  • Bonus based on company & individual performance.
  • Career Development: Training and certification sponsored by the company, Annual Talent Review, Career Planning.
  • Rewards and recognition: Long Service Award.
  • Additional Benefits: Staff Discount (i.e. ThemePark, Hospitality, Education, Property, Medical, Retail, Food & Beverages), Sports and Recreational, Family Day, Annual Dinner, Flexible Working Arrangement for working mothers.
  • Open communication. Young, energetic and fun working environment.

Are you ready to elevate your working skills and experience? Click the 'Apply Now' and you are one step ahead to an outstanding career.

Our recruitment team will reach out to shortlisted candidates only.

Sunway Services Sdn Bhd

This advertiser has chosen not to accept applicants from your region.

Associate - Cybersecurity (Group Cybersecurity)

MYR60000 - MYR80000 Y Sunway Berhad

Posted today

Job Viewed

Tap Again To Close

Job Description

Join our dynamic Technology Cyber Security and Red Team to explore the cutting edge of offensive cybersecurity. This role focuses on open-source tool exploration, scripting, developing tools for phishing, security incidents, penetration testing, and offensive security research. You'll work in a hands-on environment, contributing to vital projects while developing your skills in cybersecurity innovation.

Duties and Responsibilities:

  • Offensive Security Research: Explore and analyze open-source tools and methodologies in offensive security.
  • Scripting and Tool Development: Create scripts and tools for phishing simulations, security incident response, and penetration testing.
  • Penetration Testing and Vulnerability Analysis: Assist in conducting penetration tests and vulnerability assessments when needed , identifying potential security risks together with Digital Hub team .
  • Phishing Simulation and Incident Response: Develop and conduct phishing simulation campaigns and support incident response scenarios.
  • Project Management and Documentation: Manage project timelines, ensure thorough documentation, and coordinate among different team components.
  • Stay up-to-date on the latest security threats and vulnerabilities.

Requirements:

  • Degree in Computer Science, Cybersecurity, Information Technology, or a related field.
  • Basic understanding of cybersecurity principles and eagerness to learn.
  • Familiarity with programming/scripting languages (Python, Bash, etc.).
  • Basic knowledge of network and application security.
  • Strong understanding of network security concepts, TCP/IP protocols, and common vulnerabilities.
  • Experience with penetration testing tools (e.g., Burp Suite, Metasploit, Nmap).
  • Excellent problem-solving and analytical skills.
  • Strong organizational and communication abilities.
  • Curiosity and passion for cybersecurity

Added Advantages:

  • Experience with Capture the Flag (CTF) competitions.
  • Engagement with platforms like Tryhackme, Hackthebox, PentestLab and etcs.
  • Active participation in cybersecurity communities and conferences.

What We Offer:

  • A collaborative and innovative environment.
  • Hands-on experience with real-world cybersecurity challenges.
  • Guidance and mentorship from industry experts.
  • Opportunity to contribute to impactful cybersecurity projects.

Benefits:

  • Hybrid and flexible working arrangement
  • Leaves: Annual Leave, Medical Leave, Hospitalization Leave, Special Leave.
  • Medical Benefits – Sunway Medical Insurance for Outpatient & Inpatient inclusive for dependents.
  • Dental and Optical benefits.
  • Group Term Life & Personal Accident Insurance Scheme.
  • Executive Health Screening for confirmed executive.
  • Salary increment based on individual performance.
  • Bonus based on company & individual performance.
  • Career Development: Training and certification sponsored by the company, Annual Talent Review, Career Planning.
  • Rewards and recognition: Long Service Award.
  • Additional Benefits: Staff Discount (i.e. ThemePark, Hospitality, Education, Property, Medical, Retail, Food & Beverages), Sports and Recreational, Family Day, Annual Dinner, Flexible Working Arrangement for working mothers.
  • Open communication. Young, energetic and fun working environment.

Are you ready to elevate your working skills and experience? Click the 'Apply Now' and you are one step ahead to an outstanding career.

Our recruitment team will reach out to shortlisted candidates only.

Sunway Services Sdn Bhd

This advertiser has chosen not to accept applicants from your region.

Cybersecurity Engineer

Mindvalley

Posted 12 days ago

Job Viewed

Tap Again To Close

Job Description

Overview

Mindvalley is seeking a Cybersecurity Engineer to strengthen the overall security posture of our platforms, endpoints, cloud services, and applications. This role goes beyond traditional AppSec — you will work across engineering, product, and IT teams to remediate vulnerabilities, improve security tool configurations, and design automated workflows that reduce manual security effort. If you're someone who loves getting hands-on, enjoys teaming up across functions, and gets excited about using AI and automation to turn complex security challenges into streamlined, scalable solutions — we want to hear from you.

Responsibilities
  • Triage and investigate security alerts from multiple sources (e.g., CrowdStrike, GuardRails, ASM, GCP, GWS).
  • Work with Tech, Product, and IT teams to remediate vulnerabilities, misconfigurations, and incidents.
  • Improve detection and prevention by tuning/configuring GCP, GWS, and other security tools.
  • Automate repetitive security processes (e.g., alert filtering, access reviews, vulnerability reporting) using scripting, APIs, or workflow automation platforms.
  • Conduct periodic application and infrastructure security assessments.
  • Participate in secure SDLC by providing feedback to engineering teams.
  • Document processes and contribute to Mindvalley’s PSPG framework (policies, standards, procedures, guidelines).
Requirements
  • 3–5 years in cybersecurity operations, cloud security, or vulnerability management.
  • Solid understanding of web/app/API vulnerabilities (OWASP Top 10) and cloud security basics (preferably GCP/GWS).
  • Experience with at least one scripting/automation language (Python, JS, or automation platforms like Make.com).
  • Familiarity with vulnerability management and SIEM/log analysis tools.
  • Strong problem-solving skills; able to balance firefighting with long-term improvements.
  • Preferred: certifications (e.g., OSCP, GCP Security Engineer), prior experience automating security workflows, or participation in bug bounty/security communities.

Mindvalley is an equal opportunity employer and does not discriminate on the basis of race, colour, religion, gender identity or expression, national origin, age, disability, marital status, sexual orientation, or any other legally protected status. We are committed to creating a diverse and inclusive workplace and encourage applications from all qualified individuals.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Cybersecurity Engineer

Kuala Lumpur, Kuala Lumpur Tech Titan Group - Titan Guard and Tech Titan Distribution

Posted 15 days ago

Job Viewed

Tap Again To Close

Job Description

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia Tech Titan

Flexible to accommodate urgent customer needs over weekends and public holidays

Perform tasks such as issues, deploying products, collecting artefacts for debugging

Provide high quality technical support by helping customers resolve issues including explaining usage, debugging failures, pinpointing problems, implementing workarounds, increasing performance, improving security, and determining root causes

Documenting all support issue details while supporting customers to ensure details are available for all relevant parties

Work cooperatively with team members to arrive at issue resolution as per Service Level Agreement before escalating to engineering team

Contribute, maintain, and improve knowledge base articles, training materials, and other repositories of information

Report customer use cases, requirements, enhancement requests, and recommend fixes

Practice the give and take model of knowledge and experience exchange by sharing information to the team

Constantly improving job skills through participation in product, technology, and customer service training as it is made available

Participate in improving processes, communication, systems, etc.

Qualifications

Demonstrated Required Skills and Abilities:

Graduated with Bachelor's Degree in Computer Science or Engineering or equivalent technical experience

Able to communicate in English (written)

For Mac, Windows, Linux, iOS, or Android

In Xcode, Visual Studio, Android Studio, or Eclipse

Ability to troubleshoot system issues

Fundamental understanding of computer architecture and low-level details of the programming languages used by the products you are supporting

Interest and experience in security a great advantage

Ability to work effectively with a remote team using modern, collaborative tools such as Microsoft Teams, Zoom, and Webex

Strong customer service skills ability to work with customers in a manner that is professional, compassionate, and effective

Ability to synthesize and clearly communicate complex technical issues to technical and non-technical audiences at all levels, both internally and externally

Additional Information

Office Hours: Monday - Friday, 9am - 6pm

Smart Casual Fridays

Salary is negotiable depending on experience

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

AVP, Cybersecurity

Petaling Jaya, Selangor Carsome Sdn Bhd

Posted today

Job Viewed

Tap Again To Close

Job Description

The Assistant Vice President (AVP), Cybersecurity is a leadership role responsible for the end-to-end management and strategic direction of CARSOME's cybersecurity program. This role is responsible for driving the delivery of Governance, Risk & Compliance (GRC), Security Operations, Cloud Security, and Product Security initiatives. The AVP will lead a team of security professionals to implement foundational security controls, meet audit expectations, and support strategic expansion in alignment with the Cybersecurity Strategy 2025 and ISO 27001 standards.

Key Responsibilities:

A. Leadership & Strategy:

  • Provide strategic leadership and direction for the cybersecurity function, aligning with CARSOME’s overall business objectives and risk appetite.
  • Develop and implement a comprehensive cybersecurity program to drive growth in the maturity of CARSOME's cybersecurity posture.

B. Governance, Risk & Compliance (GRC):

  • Establish and maintain a structured governance framework aligned with ISO 27001.
  • Oversee the development and enforcement of security policies, risk assessments, and compliance monitoring.
  • Ensure continuous security monitoring and reporting to Exco for improved oversight.
  • Establish a formal risk treatment plan and risk acceptance criteria.
  • Lead internal policy enforcement, risk register management, audit liaison, and vendor risk review.

C. Security Operations:

  • Oversee security operations and information security incident response, ensuring timely detection, analysis, and remediation of security incidents.
  • Ensure timely review of threat intel supplied by SIEM monitoring, MSOC and other relevant sources.
  • Drive outcomes from managed services, such as Managed SOC, DFIR, and VAPT, to triage alerts and defend audit controls.
  • Lead the implementation of cloud-native security tooling and drive CI/CD pipeline hardening in partnership with Engineering & DevOps teams.
  • Ensure the security of cloud workloads and infrastructure during the AWS-to-GCP migration.
  • Oversee the integration of SAST, DAST, and SCA security testing tools into CI/CD pipelines.
  • Consolidate Application Security (AppSec) and Product Security (ProdSec) into a unified Product Security function.

E. Team Management & Development:

  • Lead and manage a team of security engineers and analysts, providing guidance, mentorship, and professional development opportunities.
  • Foster a security-first mindset and promote security awareness across the organization.
  • Collaborate with Engineering, DevOps, Product, Legal, IT, and Business Operations teams to prioritize security across all functions.
  • Communicate effectively with leadership and stakeholders on the status of the cybersecurity program, risks, and mitigation strategies.

G. Budget Management:

  • Manage the cybersecurity budget, ensuring efficient allocation of resources to support key initiatives.

Qualifications & Experiences:

  • Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
  • Minimum of 10 years of experience in cybersecurity, with at least 5 years in a leadership role.
  • Strong understanding of cybersecurity frameworks, such as ISO 27001, NIST, and SOX.
  • Experience with cloud security, DevSecOps, and incident response.
  • Excellent leadership, communication, and interpersonal skills.
  • Must demonstrate the ability to translate strategy into execution through verifiable examples of past security program implementations, not just theoretical knowledge.

CARSOME is Southeast Asia’s largest integrated car e-commerce platform. With operations across Malaysia, Indonesia, Thailand and Singapore, CARSOME aims to digitize the region’s used car industry by reshaping and elevating the car buying and selling experience.

CARSOME provides end-to-end solutions to consumers and used car dealers, from car inspection to ownership transfer to financing, promising a service that is trusted, convenient and efficient. CARSOME currently transacts around 100,000 cars annually and has more than 2,000 employees across all its offices.

CARSOME is an equal opportunities employer and welcomes applications from diverse candidates.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Manager - Cybersecurity

Petaling Jaya, Selangor Gamuda Group

Posted 2 days ago

Job Viewed

Tap Again To Close

Job Description

Press Tab to Move to Skip to Content Link

Select how often (in days) to receive an alert:

The Cybersecurity Manager will lead the organisation's security posture, deliver the execution of key security initiatives in the GDC air gapped and hybrid environments, and support Gamuda Dnex Cloud’s market presence within the specialised air gapped sovereign cloud sector. This role demands a unique blend of technical cybersecurity expertise, robust management skills, and a strong operations acumen to navigate the complexities of this highly regulated and security-sensitive market.

Key Responsibilities

1. Cybersecurity Operations Management & Support

  • Manage 24/7 security monitoring through SIEM, EDR, IDS/IPS.
  • Lead incident response processes including triage, containment, recovery, and reporting.
  • Conduct threat hunting and integrate controlled threat intelligence sources.
  • Maintain post-incident analysis and manage security documentation.

2. Vulnerability Management

  • Perform vulnerability assessments and categorization using tools like Tenable/Nessus.
  • Manage secure patch acquisition and deployment with validation and rollback procedures.
  • Enforce secure system configurations and monitor unauthorized changes.

3. Identity & Access Management (IAM)

  • Monitor access logs for anomalies and enforce least privilege principles.
  • Manage privileged access (PAM), and oversee authentication token issuance and revocation.
  • Conduct periodic audits of access rights and activities.

4. Data Security

  • Manage encryption key lifecycle and monitor Hardware Security Modules (HSM).
  • Implement data loss prevention (DLP) strategies within air-gapped constraints.

5. Compliance & Auditing

  • Maintain and secure audit logs for user, admin, and system activity.
  • Monitor and report on compliance with frameworks like NIST, FedRAMP, and FIPS.
  • Support external audits, regulatory reviews, and compliance reporting.

6. Security Engineering & Optimisation

  • Manage and optimize security tools (SIEM, EDR, SOAR).
  • Implement automation to improve threat detection and incident response.
  • Maintain playbooks and regularly update security documentation.
  • Drive continuous improvement of cybersecurity processes and tooling
  • Lead a team of cybersecurity professionals with focus on sovereign cloud and air-gapped operations.
  • Provide technical training, mentorship, and ensure knowledge transfer within the team.
  • Manage relationships with regulators, auditors, and government clients.
  • Promote a culture of compliance, security awareness, and operational excellence.
Qualifications
  • Bachelor's degree in Computer Science, Cybersecurity, or a related field
  • 6-8+ years of experience in cybersecurity, with a focus on SecOps management, security architecture, and SIEM/SOAR development within highly regulated or security-sensitive industries.
  • Deep understanding of air-gapped environments, sovereign cloud solutions, and national security regulations.
  • Proven experience in managing complex security programs and projects within restricted or isolated environments. Experience in Chronicle would be an advantage for this role.
  • Strong support experience in developing and executing cybersecurity and Modern SecOps strategies for complex technical solutions.
  • Project management skills, including knowledge of project management methodologies (e.g., PMP, Agile/Scrum).
  • Strong leadership, communication, and interpersonal skills.
  • Ability to work effectively in a fast-paced and dynamic environment.
  • Relevant cybersecurity certifications (e.g., CISSP, CISM, Palo Alto Certified/Admin/Architect, Splunk Enterprise Architect/Admin/Power User, Modern SecOps,CEH).

Preferred Qualifications:

  • Experience working with government agencies or critical infrastructure providers.
  • Experience with cloud security and compliance frameworks specific to sovereign cloud environments.
  • Strong network of contacts within the government and defense sectors.
  • Experience with security automation and orchestration in air-gapped environments. Key
Skills & Abilities
  • Air-gapped security architecture and implementation
  • Sovereign cloud compliance and governance
  • Programme and project management in restricted environments
  • Business development and sales in the government sector
  • Incident response and security operations in isolated environments
  • Risk management and compliance
  • Team leadership and development
  • Communication and stakeholder management
Expected Minimum Years of Experience
  • 6-8+ years of experience in cybersecurity, with a focus on SecOps management, security architecture, and SIEM/SOAR development within highly regulated or security-sensitive industries.
#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Manager - Cybersecurity

Gamuda Group

Posted 2 days ago

Job Viewed

Tap Again To Close

Job Description

Press Tab to Move to Skip to Content Link

The Cybersecurity Manager will lead the organisation's security posture, deliver the execution of key security initiatives in the GDC air gapped and hybrid environments, and support Gamuda Dnex Cloud’s market presence within the specialised air gapped sovereign cloud sector. This role demands a unique blend of technical cybersecurity expertise, robust management skills, and a strong operations acumen to navigate the complexities of this highly regulated and security-sensitive market.

Key Responsibilities

1. Cybersecurity Operations Management & Support

  • Manage 24/7 security monitoring through SIEM, EDR, IDS/IPS.
  • Lead incident response processes including triage, containment, recovery, and reporting.
  • Conduct threat hunting and integrate controlled threat intelligence sources.
  • Maintain post-incident analysis and manage security documentation.

2. Vulnerability Management

  • Perform vulnerability assessments and categorization using tools like Tenable/Nessus.
  • Manage secure patch acquisition and deployment with validation and rollback procedures.
  • Enforce secure system configurations and monitor unauthorized changes.

3. Identity & Access Management (IAM)

  • Monitor access logs for anomalies and enforce least privilege principles.
  • Manage privileged access (PAM), and oversee authentication token issuance and revocation.
  • Conduct periodic audits of access rights and activities.

4. Data Security

  • Manage encryption key lifecycle and monitor Hardware Security Modules (HSM).
  • Implement data loss prevention (DLP) strategies within air-gapped constraints.

5. Compliance & Auditing

  • Maintain and secure audit logs for user, admin, and system activity.
  • Monitor and report on compliance with frameworks like NIST, FedRAMP, and FIPS.
  • Support external audits, regulatory reviews, and compliance reporting.

6. Security Engineering & Optimisation

  • Manage and optimize security tools (SIEM, EDR, SOAR).
  • Implement automation to improve threat detection and incident response.
  • Maintain playbooks and regularly update security documentation.
  • Drive continuous improvement of cybersecurity processes and tooling
  • Lead a team of cybersecurity professionals with focus on sovereign cloud and air-gapped operations.
  • Provide technical training, mentorship, and ensure knowledge transfer within the team.
  • Manage relationships with regulators, auditors, and government clients.
  • Promote a culture of compliance, security awareness, and operational excellence.
Qualifications
  • Bachelor's degree in Computer Science, Cybersecurity, or a related field
  • 6-8+ years of experience in cybersecurity, with a focus on SecOps management, security architecture, and SIEM/SOAR development within highly regulated or security-sensitive industries.
  • Deep understanding of air-gapped environments, sovereign cloud solutions, and national security regulations.
  • Proven experience in managing complex security programs and projects within restricted or isolated environments. Experience in Chronicle would be an advantage for this role.
  • Strong support experience in developing and executing cybersecurity and Modern SecOps strategies for complex technical solutions.
  • Project management skills, including knowledge of project management methodologies (e.g., PMP, Agile/Scrum).
  • Strong leadership, communication, and interpersonal skills.
  • Ability to work effectively in a fast-paced and dynamic environment.
  • Relevant cybersecurity certifications (e.g., CISSP, CISM, Palo Alto Certified/Admin/Architect, Splunk Enterprise Architect/Admin/Power User, Modern SecOps,CEH).

Preferred Qualifications:

  • Experience working with government agencies or critical infrastructure providers.
  • Experience with cloud security and compliance frameworks specific to sovereign cloud environments.
  • Strong network of contacts within the government and defense sectors.
  • Experience with security automation and orchestration in air-gapped environments. Key
Skills & Abilities
  • Air-gapped security architecture and implementation
  • Sovereign cloud compliance and governance
  • Programme and project management in restricted environments
  • Business development and sales in the government sector
  • Incident response and security operations in isolated environments
  • Risk management and compliance
  • Team leadership and development
  • Communication and stakeholder management
Expected Minimum Years of Experience
  • 6-8+ years of experience in cybersecurity, with a focus on SecOps management, security architecture, and SIEM/SOAR development within highly regulated or security-sensitive industries.
#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.
Be The First To Know

About the latest Cybersecurity Jobs in Malaysia !

Cybersecurity Officer

Johor, Johor Hirehub Management Sdn. Bhd.

Posted 3 days ago

Job Viewed

Tap Again To Close

Job Description

Responsibilities

  • Monitor and enforce data protection policies and procedures to ensure compliance with industry standards (e.g., ISO 27001, GDPR, HIPAA).
  • Identify and assess cybersecurity risks and implement appropriate mitigation strategies.
  • Oversee data safety audits, vulnerability assessments, and penetration testing in the data centre environment.
  • Collaborate with IT and cybersecurity teams to respond to data breaches or incidents, ensuring timely reporting and remediation.
  • Maintain and update data classification and handling protocols.
  • Ensure secure storage, transmission, and backup of sensitive data.
  • Conduct training sessions on data safety, cybersecurity awareness, and best practices for staff and contractors.
  • Maintain logs of data access and ensure the use of encryption, authentication, and access control mechanisms.
  • Work with legal and compliance teams on regulatory audits and documentation.
  • Develop and update incident response plans and business continuity strategies.
Qualifications
  • Bachelors degree in Cybersecurity, Information Security, Computer Science, or a related field.
  • 3+ years of experience in a cybersecurity or data protection role, preferably within a data centre environment.
  • Certifications such as CISSP, CISM, CEH, or CompTIA Security+ are preferred.
  • Strong knowledge of data protection laws, cybersecurity frameworks, and best practices.
  • Experience with security tools like SIEM, DLP, IDS/IPS, and endpoint protection solutions.
  • Excellent analytical, communication, and problem-solving skills.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

AVP, Cybersecurity

Petaling Jaya, Selangor CARSOME

Posted 11 days ago

Job Viewed

Tap Again To Close

Job Description

About You

The Assistant Vice President (AVP), Cybersecurity is a leadership role responsible for the end-to-end management and strategic direction of CARSOME's cybersecurity program. This role is responsible for driving the delivery of Governance, Risk & Compliance (GRC), Security Operations, Cloud Security, and Product Security initiatives. The AVP will lead a team of security professionals to implement foundational security controls, meet audit expectations, and support strategic expansionin alignment with the Cybersecurity Strategy 2025 and ISO 27001 standards.

Key Responsibilities:

A. Leadership & Strategy:

  • Provide strategic leadership and direction for the cybersecurity function, aligning with CARSOME’s overall business objectives and risk appetite.
  • Develop and implement a comprehensive cybersecurity program based, to drive growth in the maturity of CARSOME's cybersecurity posture.

B. Governance, Risk & Compliance (GRC):

  • Establish and maintain a structured governance framework aligned with ISO 27001.
  • Oversee the development and enforcement of security policies, risk assessments, and compliance monitoring.
  • Ensure continuous security monitoring and reporting to Exco for improved oversight.
  • Establish a formal risk treatment plan and risk acceptance criteria.
  • Lead internal policy enforcement, risk register management, audit liaison, and vendor risk review.

C. Security Operations:

  • Oversee security operations and information security incident response, ensuring timely detection, analysis, and remediation of security incidents.
  • Ensure timely and review of threat intel supplied by SIEM monitoring, MSOC and other relevant sources.
  • Drive outcomes from managed services, such as Managed SOC, DFIR, and VAPT, to triage alerts and defend audit controls.

D. Cloud & Product Security:

  • Lead the implementation of cloud-native security tooling and drive CI/CD pipeline hardening in partnership with Engineering & DevOps teams.
  • Ensure the security of cloud workloads and infrastructure during the AWS-to-GCP migration.
  • Oversee the integration of SAST, DAST, and SCA security testing tools into CI/CD pipelines.
  • Consolidate Application Security (AppSec) and Product Security (ProdSec) into a unified Product Security function.

E. Team Management & Development:

  • Lead and manage a team of security engineers and analysts, providing guidance, mentorship, and professional development opportunities.
  • Foster a security-first mindset and promote security awareness across the organization.

F. Collaboration & Communication:

  • Collaborate with Engineering, DevOps, Product, Legal, IT, and Business Operations teams to prioritize security across all functions.
  • Communicate effectively with leadership and stakeholders on the status of the cybersecurity program, risks, and mitigation strategies.

G. Budget Management:

  • Manage the cybersecurity budget, ensuring efficient allocation of resources to support key initiatives.

Qualifications & Experiences:

  • Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
  • Minimum of 10 years of experience in cybersecurity, with at least 5 years in a leadership role.
  • Strong understanding of cybersecurity frameworks, such as ISO 27001, NIST, and SOX.
  • Experience with cloud security, DevSecOps, and incident response.
  • Excellent leadership, communication, and interpersonal skills.
  • Must demonstrate the ability to translate strategy into execution through verifiable
  • examples of past security program implementations, not just theoretical knowledge.
#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Cybersecurity Manager

Kuala Lumpur, Kuala Lumpur RAPSYS TECHNOLOGIES PTE LTD

Posted 12 days ago

Job Viewed

Tap Again To Close

Job Description

Overview

Join to apply for the Cybersecurity Manager role at RAPSYS TECHNOLOGIES PTE LTD .

Location: Kuala Lumpur, Malaysia

Work Mode: Work From Office

Role: Cybersecurity Manager

What You'll Do
  • Develop and implement comprehensive cybersecurity strategies
  • Monitor and analyze security threats and vulnerabilities
  • Ensure compliance with security policies and regulations
  • Lead and mentor cybersecurity team members
  • Respond to security incidents and conduct investigations
  • Prepare security reports and risk assessments
What We're Looking For
  • 5+ years of experience in cybersecurity management
  • Strong knowledge of security frameworks and standards
  • Experience with security tools and technologies
  • Excellent leadership and communication skills
  • Relevant cybersecurity certifications preferred
  • Proven incident response and risk management experience

Ready to secure our future? Apply now and let's build stronger defenses together!

Seniority level
  • Mid-Senior level
Employment type
  • Full-time
Job function
  • Other
Industries
  • IT Services and IT Consulting

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.
 

Nearby Locations

Other Jobs Near Me

Industry

  1. request_quote Accounting
  2. work Administrative
  3. eco Agriculture Forestry
  4. smart_toy AI & Emerging Technologies
  5. school Apprenticeships & Trainee
  6. apartment Architecture
  7. palette Arts & Entertainment
  8. directions_car Automotive
  9. flight_takeoff Aviation
  10. account_balance Banking & Finance
  11. local_florist Beauty & Wellness
  12. restaurant Catering
  13. volunteer_activism Charity & Voluntary
  14. science Chemical Engineering
  15. child_friendly Childcare
  16. foundation Civil Engineering
  17. clean_hands Cleaning & Sanitation
  18. diversity_3 Community & Social Care
  19. construction Construction
  20. brush Creative & Digital
  21. currency_bitcoin Crypto & Blockchain
  22. support_agent Customer Service & Helpdesk
  23. medical_services Dental
  24. medical_services Driving & Transport
  25. medical_services E Commerce & Social Media
  26. school Education & Teaching
  27. electrical_services Electrical Engineering
  28. bolt Energy
  29. local_mall Fmcg
  30. gavel Government & Non Profit
  31. emoji_events Graduate
  32. health_and_safety Healthcare
  33. beach_access Hospitality & Tourism
  34. groups Human Resources
  35. precision_manufacturing Industrial Engineering
  36. security Information Security
  37. handyman Installation & Maintenance
  38. policy Insurance
  39. code IT & Software
  40. gavel Legal
  41. sports_soccer Leisure & Sports
  42. inventory_2 Logistics & Warehousing
  43. supervisor_account Management
  44. supervisor_account Management Consultancy
  45. supervisor_account Manufacturing & Production
  46. campaign Marketing
  47. build Mechanical Engineering
  48. perm_media Media & PR
  49. local_hospital Medical
  50. local_hospital Military & Public Safety
  51. local_hospital Mining
  52. medical_services Nursing
  53. local_gas_station Oil & Gas
  54. biotech Pharmaceutical
  55. checklist_rtl Project Management
  56. shopping_bag Purchasing
  57. home_work Real Estate
  58. person_search Recruitment Consultancy
  59. store Retail
  60. point_of_sale Sales
  61. science Scientific Research & Development
  62. wifi Telecoms
  63. psychology Therapy
  64. pets Veterinary
View All Cybersecurity Jobs