348 Cybersecurity Analyst jobs in Malaysia

Overview

APAC Talent Acquisition Lead at Cognizant

We are seeking a motivated and detail-oriented Cybersecurity Analyst with approximately 4 years of hands-on experience to support cybersecurity initiatives. The analyst will be responsible for monitoring, analyzing, and responding to security incidents, as well as assisting in the implementation of security controls and compliance measures.

• Monitor and analyze security alerts from various sources (SIEM, firewalls, endpoint protection, etc.).
• Investigate and respond to security incidents and vulnerabilities.
• Assist in the development and enforcement of security policies and procedures.
• Support vulnerability assessments and penetration testing activities.
• Maintain and update documentation related to security operations and incident response.
• Collaborate with IT and business teams to ensure secure system configurations and practices.
• Assist in compliance activities related to ISO 27001, NIST, or other relevant frameworks.
• Stay updated on emerging threats and recommend mitigation strategies.

• Bachelor’s degree in Computer Science, Information Security, or related field.
• Around 4 years of experience in cybersecurity or IT security operations.
• Familiarity with SIEM tools and antivirus.
• Understanding of network protocols, system vulnerabilities, and threat vectors.
• Basic knowledge of regulatory standards and compliance frameworks (e.g., ISO 27001, NIST, GDPR).
• Strong analytical and problem-solving skills.
• Good communication and documentation abilities.

• CompTIA Security+
• Certified Ethical Hacker (CEH)
• GIAC Security Essentials (GSEC)

• Mid-Senior level

• Full-time

• Information Technology

• IT Services and IT Consulting

We are inviting anyone with a keen interest in Cybersecurity to join our growing Malaysia team. This role is a technical role and will require someone with some basic understanding of networking technologies. However, if you do not have the required experience but has an analytic mind, we will provide the necessary training for you to grow in our company.

Responsibilities

• Monitor alerts, research threat activity and recommend appropriate remediation
• Perform triage and alert customer of any suspicious events with recommendations.
• Maintain an accurate audit trail of security requests and events
• Generate, execute and analyze security reports
• Demonstrate exceptional communication skills working with regional teams.

Requirements

• Candidate must possess at least Degree in Cybersecurity or Computer Science or equivalent.
• Candidate must
• Basic system and network security fundamentals.
• Knowledge of desktop, server, database, application and network principles for problem management, risk identification and analysis
• Able to work 12 hours shift

Job Responsibilities

● Designing and implementing cutting-edge cybersecurity solutions to protect applications, data, and infrastructure.

● Continuously improving security measures to mitigate security risks.

● Conducting vulnerability assessments, penetration testing, and risk analysis to identify and address security gaps.

● Diagnosing and responding to security incidents, ensuring rapid containment and resolution.

● Maintaining security best practices and ensuring compliance with relevant industry standards and regulations.

● Mentoring team members to enhance their cybersecurity knowledge and adherence to best practices.

● Developing and integrating security tools for monitoring, detection, and response.

● Improving automation for security testing and deployment pipelines to ensure rapid and secure software delivery.

● Collaborating with development, DevOps, and IT teams to embed security into the software development lifecycle (SDLC).

Job Requirements

● Bachelor's or Master's Degree in Computer Science, Cybersecurity, or a related field.

● 2+ years of real-world experience in cybersecurity.

● Fresh grads are encouraged to apply.

● Proven experience in anti-fraud systems, particularly in mobile security (APK protection and analysis).

● Strong knowledge of application security principles, including secure coding, encryption, authentication, and authorization.

● Hands-on experience with reverse engineering, obfuscation techniques, and tamper detection for APK security.

● Proficiency in security testing methodologies, including penetration testing, SAST, and DAST.

● Familiarity with tools such as Burp Suite, Metasploit, Frida, IDA Pro, or other reverse engineering tools.

● Experience in implementing and managing security frameworks, such as OWASP, NIST, and ISO 27001.

● Strong understanding of networking protocols, firewalls, IDS/IPS, and other security technologies.

● Proficiency in programming/scripting languages such as Python, Java, Kotlin, or C++.

● Experience with cloud security (AWS, Azure, or GCP) is a plus.

● DevSecOps and CI/CD pipeline security experience is highly preferred.

Asgard Resources Sdn Bhd is hiring a Full time Cybersecurity Analyst role in Bangsar South, Wilayah Persekutuan Kuala Lumpur. Apply now to be part of our team.

Job summary:

• Flexible hours available
• Expected salary: RM12,000 - RM14,000 per month

About the Role

My client is seeking a proactive and highly skilled IT Security Engineer to enhance and safeguard our cloud, application, and IT infrastructure security. Reporting to the VP of IT Security and working closely with the IT and Engineering teams, this position requires expertise in both offensive and defensive security operations across cloud and hybrid environments.

The ideal candidate will bring hands-on experience with leading security tools, cloud-native controls, and a passion for continuous learning in a dynamic and threat-driven environment.

Key Responsibilities

1. Offensive Security Operations

• Perform Dynamic Application Security Testing (DAST) using tools like Rapid7 InsightAppSec.
• Support Static Application Security Testing (SAST) to embed security into SDLC.
• Optimize security tools, emphasizing native cloud security controls (e.g., Rapid7 InsightCloudSec).

2. Defensive Security Operations

• Contribute to incident prevention and respond swiftly to security breaches.
• Manage full-cycle incident response: detection, analysis, containment, remediation, and post-review.
• Remediate vulnerabilities across infrastructure using tools such as Rapid7 InsightVM.
• Administer endpoint protection (e.g., Microsoft Defender, Trend Micro).
• Triage alerts from SIEM platforms like Rapid7 InsightIDR.
• Enforce least-privilege access via IAM configurations in cloud environments.
• Research and evaluate emerging technologies and tool upgrades.
• Harden IT systems by applying industry best practices and security configurations.

3. General Security Administration & Compliance

• Monitor and report on security risks, implementing mitigation strategies.
• Support audits and compliance with cloud-based security frameworks and regulations.

4. Core Technical Skills Required

• Cloud: AWS, Azure, Microsoft 365
• Tools: Rapid7 InsightVM, InsightIDR, InsightAppSec, InsightCloudSec
• Frameworks: NIST, OWASP Top 10, Microsoft SDLC, CIS Benchmarks
• Cloud Security Posture Management (CSPM), IaC Security, SIEM
• Identity and Access Management (IAM), Endpoint Protection
• Strong documentation and analytical skills

5. Requirements

• Malaysian citizenship is mandatory.
• Bachelor's Degree in Cybersecurity, Computer Science, or a related field.
• Minimum 5 years' experience in IT security, with a strong cloud security focus.
• Proven ability to diagnose and solve complex security issues.
• Excellent communication skills for both technical and non-technical stakeholders.
• Ability to train and guide team members in security best practices.
• Self-driven, adaptable, and collaborative with a continuous learning mindset.

6. Why Join Us?

Security-First Mission: Play a critical role in defending systems from evolving threats.

Cloud-Forward Environment: Drive secure cloud adoption and posture management.

Professional Growth: Access to training and exposure to cutting-edge security tools.

Cross-Functional Impact: Collaborate across IT, engineering, and compliance teams.

Schedule: Monday to Friday (UK or US Timezone)

Work Arrangement: Hybrid

Job Summary:

We are seeking a motivated and detail-oriented
Cybersecurity Analyst
with approximately 4
years of hands-on experience
to support cybersecurity initiatives. The analyst will be responsible for monitoring, analyzing, and responding to security incidents, as well as assisting in the implementation of security controls and compliance measures.

Key Responsibilities:

• Monitor and analyze security alerts from various sources (SIEM, firewalls, endpoint protection, etc.)
• Investigate and respond to security incidents and vulnerabilities.
• Assist in the development and enforcement of security policies and procedures.
• Support vulnerability assessments and penetration testing activities.
• Maintain and update documentation related to security operations and incident response.
• Collaborate with IT and business teams to ensure secure system configurations and practices.
• Assist in compliance activities related to ISO 27001, NIST, or other relevant frameworks.
• Stay updated on emerging threats and recommend mitigation strategies.

Required Skills & Qualifications:

• Bachelor's degree in Computer Science, Information Security, or related field.
• Around 4
  years of experience
  in cybersecurity or IT security operations.
• Firewalls (e.g., Fortinet, Palo Alto)
• Mobile Device Management (e.g., Microsoft Intune)
• Endpoint Detection & Response platforms (e.g., CrowdStrike, Microsoft Defender)
• Familiarity with SIEM tools and antivirus.
• Understanding of network protocols, system vulnerabilities, and threat vectors.
• Basic knowledge of regulatory standards and compliance frameworks (e.g., ISO 27001, NIST, GDPR).
• Strong analytical and problem-solving skills.
• Good communication and documentation abilities.

Preferred Certifications (Optional but Advantageous):

• CompTIA Security+
• Certified Ethical Hacker (CEH)
• GIAC Security Essentials (GSEC)
• Cisco CCNA Security

Job Summary:

We are seeking a motivated and detail-oriented Cybersecurity Analyst with approximately 4 years of hands-on experience to support cybersecurity initiatives. The analyst will be responsible for monitoring, analyzing, and responding to security incidents, as well as assisting in the implementation of security controls and compliance measures.

Key Responsibilities:

• Monitor and analyze security alerts from various sources (SIEM, firewalls, endpoint protection, etc.)
• Investigate and respond to security incidents and vulnerabilities.
• Assist in the development and enforcement of security policies and procedures.
• Support vulnerability assessments and penetration testing activities.
• Maintain and update documentation related to security operations and incident response.
• Collaborate with IT and business teams to ensure secure system configurations and practices.
• Assist in compliance activities related to ISO 27001, NIST, or other relevant frameworks.
• Stay updated on emerging threats and recommend mitigation strategies.

Required Skills & Qualifications:

• Bachelor's degree in computer science, Information Security, or related field.
• Around 4 years of experience in cybersecurity or IT security operations.
• Firewalls (e.g., Fortinet, Palo Alto)
• Mobile Device Management (e.g., Microsoft Intune)
• Endpoint Detection & Response platforms (e.g., CrowdStrike, Microsoft Defender)
• Familiarity with SIEM tools and antivirus.
• Understanding of network protocols, system vulnerabilities, and threat vectors.
• Basic knowledge of regulatory standards and compliance frameworks (e.g., ISO 27001, NIST, GDPR).
• Strong analytical and problem-solving skills.
• Good communication and documentation abilities.

Preferred Certifications (Optional but Advantageous):

• CompTIA Security+
• Certified Ethical Hacker (CEH)
• GIAC Security Essentials (GSEC)
• Cisco CCNA Security

About Cognizant:

Cognizant (Nasdaq: CTSH) engineers modern businesses. We help our clients modernize technology, reimagine processes and transform experiences so they can stay ahead in our fast-changing world. Together, we're improving everyday life. See how at or @cognizant.

Responsibilities:

• Proactively monitor, detect and response to known and or emerging threats.
• Create and maintain operational reports and dashboards.
• Develop, update, and implement cybersecurity measures and controls.
• Determine, adapt, and maintain corporate cybersecurity procedures and policies.
• Collect and analyse threat intelligence and produce TI report to update various stakeholders.
• Identify and prioritize security threats and vulnerabilities, working with IT teams to ensure timely remediation.
• Exposure to diverse security domains and tools, with hands-on responsibility in areas including XDR, PAM, CDN, WAF, CNAPP, and more.
• Perform diverse duties assigned by the manager to support organizational security goals and initiatives.

Requirements:

• Diploma/Degree in Computer Science, IT Security, or a related field.
• Possesses relevant professional certifications (e.g. CEH, CSX-P or CySA+).
• 0-3 years thorough knowledge and experience in Information Technology, fresh graduate is welcome to apply.
• Working knowledge and exposure to any EPP, SIEM, DLP, EDR, WAF, PAM, CNAPP or any other security solutions.
• Knowledge/experience with operating systems, networking technology and cybersecurity theory. Possessing knowledge of cloud security and PAM is advantageous.
• Familiarity with cyber security standard/framework (e.g. CIS Benchmark, NIST CSF, ISO
• Familiarity with legal and regulatory standard/framework. (e.g. MAS TRMG, BNM RMiT, SG/MY PDPA).
• Strong analytical and problem-solving skills.
• Ability to deal with the ambiguity associated with working in a fast paced and changing environment.

Perks and Benefits:

• Employee Share Options / Performance Shares : The company introduced the Share Options / Performance Shares Plan to recognize employees' contributions and achievements in the growth of the company.
• Investment : 0% sales charge for unit trust & 50% staff rebate on front end charges for stocks and ETFs * if you invest through our platform.
• Snacks & Beverages : Enjoy a variety of snacks and drinks from vending machines, including fresh-brewed espresso, Americano, and more from the coffee machine. Additionally, we have a weekly Breakfast Day and Fruits Day
• Relaxation : Access to a relaxation room equipped with massage chairs at all times to help you relieve tiredness and stress.
• Yearly Activities : Participation in outdoor activities, celebrations during festive seasons, and more exciting events
• Remuneration Package : Competitive salary packages that are well above market rates for those with the right potential.
• Annual Salary Review and Yearly Bonus : Both processes will be conducted depending on the company's performance and individual work performance.
• Coverage : Comprehensive insurance along with Medical, Dental & Optical coverage.
• Allowances : Monthly sports allowance, Enjoy yearly department gatherings, and welcome lunches for new staffs.
• Training : Benefit from free external and internal training providers, ensuring continuous learning and development.
• Annual Leave : Entitlement to 21 days of annual leave.

These benefits are designed to enhance your overall well-being and ensure a rewarding working experience with us.

All applications will be treated in strict confidence. We regret that only shortlisted applicants will be notified.

Note: Job responsibilities / requirements are representative and are not intended to be a detailed list. Other tasks/abilities may be required of the incumbent, relative to the specific assignment.

Location: KL Eco City, KL

Working Arrangement: Hybrid (wfh every Monday) & Flexible working hour

Job Responsibilities:

• Designing and implementing cutting-edge cybersecurity solutions to protect applications, data, and infrastructure.
• Continuously improving security measures to mitigate security risks.
• Conducting vulnerability assessments, penetration testing, and risk analysis to identify and address security gaps.
• Diagnosing and responding to security incidents, ensuring rapid containment and resolution.
• Maintaining security best practices and ensuring compliance with relevant industry standards and regulations.
• Mentoring team members to enhance their cybersecurity knowledge and adherence to best practices.
• Developing and integrating security tools for monitoring, detection, and response.
• Improving automation for security testing and deployment pipelines to ensure rapid and secure software delivery.
• Collaborating with development, DevOps, and IT teams to embed security into the software development lifecycle (SDLC).

Job Requirements:

• Bachelor's or Master's Degree in Computer Science, Cybersecurity, or a related field.
• 4 to 7 years of real-world experience in cybersecurity.
• Proven experience in anti-fraud systems, particularly in mobile security (APK protection and analysis).
• Strong knowledge of application security principles, including secure coding, encryption, authentication, and authorization.
• Hands-on experience with reverse engineering, obfuscation techniques, and tamper detection for APK security.
• Proficiency in security testing methodologies, including penetration testing, SAST, and DAST.
• Familiarity with tools such as Burp Suite, Metasploit, Frida, IDA Pro, or other reverse engineering tools.
• Experience in implementing and managing security frameworks, such as OWASP, NIST, and ISO 27001.
• Strong understanding of networking protocols, firewalls, IDS/IPS, and other security technologies.
• Proficiency in programming/scripting languages such as Python, Java, Kotlin, or C++.
• Experience with cloud security (AWS, Azure, or GCP) is a plus.
• DevSecOps and CI/CD pipeline security experience is highly preferred.
• Strong problem-solving skills, adaptability, and a proactive approach to security threats.
• Ability to write clear and maintainable documentation, security policies, and reports.
• Excellent communication skills, with the ability to educate non-security teams on best practices.
• Start-up experience and entrepreneurial mindset are highly preferred.

Job Types: Full-time, Permanent

Pay: RM8, RM9,500.00 per month

Benefits:

• Additional leave
• Dental insurance
• Flexible schedule
• Health insurance
• Maternity leave
• Opportunities for promotion
• Parental leave
• Professional development
• Vision insurance
• Work from home

Application Question(s):

• Are you familiar with anti-fraud systems, particularly in mobile security (APK protection and analysis)?
• How long is your notice period (weeks)?
• How much is your expected salary (RM)?

Language:

• Mandarin (Required)

Work Location: In person

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.

The Position

A healthier future. It's what drives us to innovate. To continuously advance science and ensure everyone has access to the healthcare they need today and for generations to come. Creating a world where we all have more time with the people we love. That's what makes us Roche

The Global Security, Monitoring and Incident Response (MIR) team at Roche strives to keep our networks and users safe from constantly evolving threats. As a Cybersecurity Analyst, you will help protect proprietary information, patient data, keep computer systems clean, and provide a safe information environment for our users. All analysts are responsible for monitoring security information, identifying threats, and taking actions to defend all Roche information systems.

This is an On-Site position based in Kuala Lumpur, and part of a round robin on-call schedule to cover weekends.
The Opportunity:
As a Cybersecurity Analyst in the Monitoring and Incident Response team, you will partner with other security experts to proactively identify areas of improvement, design and validate preventative and detective controls, as well as design response strategies within a global enterprise. You will use your knowledge, technical abilities and creativity, to navigate a diverse set of security related logs and telemetry. In addition to hunting, you will work to identify and address visibility and logging deficiencies within the network.

You will be:

• You have experience responding to incidents in cloud environments as well as Network and Endpoint security monitoring experience in a large sophisticated environment
• Demonstrated ability to analyze, triage, and escalate information security incidents as well as being familiar with various defensive and offensive security tool sets
• Experience with Google Workspace, Microsoft Office 365, Entra ID, Sharepoint Online, PAN XDR, Splunk, BigQuery and threat intel platforms such as MISP, OpenCTI
• You are proficient in English
• Industry relevant certifications such as BTL1/2, GMON, GCIH, GCFA, GREM, are appreciated but not mandatory
• You triage and investigate reported security incidents. Refine incident management processes and response processes. You maintain awareness of emerging threats, vulnerabilities, and security trends to proactively identify and address potential risks, impacting all members of the Roche group; address questions of end users related to IT security topics through our communication channels. Manage and coordinate incidents across the APAC region, serving as the single point of contact (SPOC) for all related matters

Who you are:

• You hold a Bachelor's degree, and have +5 years of work experience in the cybersecurity field.
• You have experience driving threat hunting, incident response, or data protection missions and have a solid understanding of the most common security vulnerabilities and attack vectors, as well as their respective mitigation strategies
• Proficiency with scripting or programming languages such as Python, Powershell/C#, Bash.You are proficient in clearly articulating technical findings and recommendations to both technical and non-technical stakeholders, and the capability to work independently or as part of a team
• You are comfortable challenging the status quo, to improve the security posture of the Roche group and have the ability to work within security frameworks and methodologies (e.g. ATT&CK, STRIDE)
• You have problem-solving skills, you can identify issues and develop effective solutions promptly and efficiently.You have a critical thinking mindset, and you have the ability to analyze and evaluate information to guide decision-making and solve complex problems
• You are proficient in English and you have a passion for the field of computer and network security

Who we are

A healthier future drives us to innovate. Together, more than 100'000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.

Let's build a healthier future, together.

Roche is an Equal Opportunity Employer.