231 Cybersecurity Specialists jobs in Kuala Lumpur

As a Cybersecurity Specialist you will be working in the central team with worldwide responsibility for Cybersecurity topics within Continental.

Those will be your future main tasks:

Cybersecurity Consulting

• generic cybersecurity consulting for other teams, IT functions and business functions
• collaboration within the global cybersecurity community
• publishing cybersecurity information to various audiences
• providing technical expertise on IT cybersecurity technologies to other IT and business teams worldwide

Project Support

• cybersecurity consulting (including rule compliance, technical topics, support during provider interviews)
• review of security checklists
• security review of solution / product / architecture documentation
• documentation & solution approval

Service Requests

• consulting for cybersecurity-related service requests (changes, incidents, work orders)
• review and approval of cybersecurity-related service requests (changes)

Trend Evaluation

• evaluation of current technology and cybersecurity trends

Cybersecurity Rules

• definition & review of cybersecurity rules
• definition & review of supporting documents (standards, guidelines, checklists, etc.)
• consulting towards understanding & implementing rule requirements

Audit Support

• support of technical cybersecurity audits, tests and assessments

Cybersecurity Incident Support

• cybersecurity guidance/consulting for other IT functions or cybersecurity teams
• coordination with other IT functions or cybersecurity teams
• technical analysis

Application Security

• evaluation, review, and approval of different types of applications (client, mobile, add-Ins, web applications and more)

As a Cybersecurity Specialist you will be working in the central team with worldwide responsibility for Cybersecurity topics within Continental.

Those will be your future main tasks:

Cybersecurity Consulting

• generic cybersecurity consulting for other teams, IT functions and business functions
• collaboration within the global cybersecurity community
• publishing cybersecurity information to various audiences
• providing technical expertise on IT cybersecurity technologies to other IT and business teams worldwide

Project Support

• cybersecurity consulting (including rule compliance, technical topics, support during provider interviews)
• review of security checklists
• security review of solution / product / architecture documentation
• documentation & solution approval

Service Requests

• consulting for cybersecurity-related service requests (changes, incidents, work orders)
• review and approval of cybersecurity-related service requests (changes)

Trend Evaluation

• evaluation of current technology and cybersecurity trends

Cybersecurity Rules

• definition & review of cybersecurity rules
• definition & review of supporting documents (standards, guidelines, checklists, etc.)
• consulting towards understanding & implementing rule requirements

Audit Support

• support of technical cybersecurity audits, tests and assessments

Cybersecurity Incident Support

• cybersecurity guidance/consulting for other IT functions or cybersecurity teams
• coordination with other IT functions or cybersecurity teams
• technical analysis

Application Security

• evaluation, review, and approval of different types of applications (client, mobile, add-Ins, web applications and more)

• Academic degree in Information Technology or similar qualification
• Several years of experience in IT (Enterprise environment)
• Communication Skills to effectively communicate information to various target groups
• Interest in current technology trends
• Willingness to travel from time to time
• Proficiency in English language

Knowledge on:

• General IT architecture and concepts (computers, network, cloud, storage, etc.)
• Microsoft Active Directory & Entra ID
• applications architectural concepts and technologies
• IndustryCybersecurity standards like security frameworks/standards (OWASP,NIST, CIS, ISO 27000 family, BSI, etc.)
• Software Vulnerabilities handling

• Academic degree in Information Technology or similar qualification
• Several years of experience in IT (Enterprise environment)
• Communication Skills to effectively communicate information to various target groups
• Interest in current technology trends
• Willingness to travel from time to time
• Proficiency in English language

Knowledge on:

• General IT architecture and concepts (computers, network, cloud, storage, etc.)
• operating systems (MacOS, Linux, Windows)
• Microsoft Active Directory & Entra ID
• applications architectural concepts and technologies
• authentication & encryption (Kerberos, OAuth2, SAML, LDAP, certificates, TLS, HSM, disk encryption, etc.)
• IndustryCybersecurity standards like security frameworks/standards (OWASP,NIST, CIS, ISO 27000 family, BSI, etc.)
• Software Vulnerabilities handling

We want our employees to do well with us. That's why we offer them not only an exciting job in an international technology group, but also numerous additional offers such as flexible and hybrid working, sabbaticals and other benefits.

If this sounds like a perfect match for you and if you want to become the next supporter of our core values Trust For One Another, Passion to Win and Freedom to Act, we are looking forward receiving your application.

Ready to drive with Continental? Take the first step and fill in the online application.

Continental develops pioneering technologies and services for sustainable and connected mobility of people and their goods. Founded in 1871, the technology company offers safe, efficient, intelligent and affordable solutions for vehicles, machines, traffic and transportation. In 2024, Continental generated sales of €39.7 billion and currently employs around 190,000 people in 55 countries and markets.

Tire solutions from the Tires group sector make mobility safer, smarter, and more sustainable. Its premium portfolio encompasses car, truck, bus, two-wheel, and specialty tires as well as smart solutions and services for fleets and tire retailers. Continental has been delivering top performance for more than 150 years and is one of the world’s largest tire manufacturers. In fiscal 2024, the Tires group sector generated sales of 13.9 billion euros. Continental's tire division employs more than 57,000 people worldwide and has 20 production and 16 development sites.

Legal Entity
Continental Tyre PJ Malaysia Sdn. Bhd.

Company Description
Continental develops pioneering technologies and services for sustainable and connected mobility of people and their goods. Founded in 1871, the technology company offers safe, efficient, intelligent and affordable solutions for vehicles, machines, traffic and transportation. In 2024, Continental generated sales of €39.7 billion and currently employs around 190,000 people in 55 countries and markets.

Tire solutions from the Tires group sector make mobility safer, smarter, and more sustainable. Its premium portfolio encompasses car, truck, bus, two-wheel, and specialty tires as well as smart solutions and services for fleets and tire retailers. Continental has been delivering top performance for more than 150 years and is one of the world's largest tire manufacturers. In fiscal 2024, the Tires group sector generated sales of 13.9 billion euros. Continental's tire division employs more than 57,000 people worldwide and has 20 production and 16 development sites.

Job Description
As a
Cybersecurity Specialist
you will be working in the central team with worldwide responsibility for Cybersecurity topics within Continental.

Those will be your future main tasks:

Application Security

• evaluation, review, and approval of different types of applications (client, mobile, add-Ins, web applications and more)

Cybersecurity Consulting

• generic cybersecurity consulting for other teams, IT functions and business functions
• collaboration within the global cybersecurity community
• publishing cybersecurity information to various audiences
• providing technical expertise on IT cybersecurity technologies to other IT and business teams worldwide

Project Support

• cybersecurity consulting (including rule compliance, technical topics, support during provider interviews)
• review of security checklists
• security review of solution / product / architecture documentation
• documentation & solution approval

Service Requests

• consulting for cybersecurity-related service requests (changes, incidents, work orders)
• review and approval of cybersecurity-related service requests (changes)

Trend Evaluation

• evaluation of current technology and cybersecurity trends

Cybersecurity Rules

• definition & review of cybersecurity rules
• definition & review of supporting documents (standards, guidelines, checklists, etc.)
• consulting towards understanding & implementing rule requirements

Audit Support

• support of technical cybersecurity audits, tests and assessments

Cybersecurity Incident Support

• cybersecurity guidance/consulting for other IT functions or cybersecurity teams
• coordination with other IT functions or cybersecurity teams
• technical analysis

Qualifications

• Academic degree in Information Technology or similar qualification
• Several years of experience in IT (Enterprise environment)
• Communication Skills to effectively communicate information to various target groups
• Interest in current technology trends
• Willingness to travel from time to time
• Proficiency in English language

Knowledge on:

• General IT architecture and concepts (computers, network, cloud, storage, etc.)
• operating systems (MacOS, Linux, Windows)
• Microsoft Active Directory & Entra ID
• applications architectural concepts and technologies
• authentication & encryption (Kerberos, OAuth2, SAML, LDAP, certificates, TLS, HSM, disk encryption, etc.)
• Industry Cybersecurity standards like security frameworks/standards (OWASP,NIST, CIS, ISO 27000 family, BSI, etc.)
• Software Vulnerabilities handling

Additional Information
We want our employees to do well with us. That's why we offer them not only an exciting job in an international technology group, but also numerous additional offers such as flexible and hybrid working, and other benefits.

Click here to find out more.

If this sounds like a perfect match for you and if you want to become the next supporter of our core values Trust For One Another, Passion to Win and Freedom to Act, we are looking forward receiving your application.

Ready to drive with Continental? Take the first step and fill in the online application.

The Assistant Vice President (AVP), Cybersecurity is a leadership role responsible for the end-to-end management and strategic direction of CARSOME's cybersecurity program. This role is responsible for driving the delivery of Governance, Risk & Compliance (GRC), Security Operations, Cloud Security, and Product Security initiatives. The AVP will lead a team of security professionals to implement foundational security controls, meet audit expectations, and support strategic expansion in alignment with the Cybersecurity Strategy 2025 and ISO 27001 standards.

Key Responsibilities:

A. Leadership & Strategy:

• Provide strategic leadership and direction for the cybersecurity function, aligning with CARSOME’s overall business objectives and risk appetite.
• Develop and implement a comprehensive cybersecurity program to drive growth in the maturity of CARSOME's cybersecurity posture.

B. Governance, Risk & Compliance (GRC):

• Establish and maintain a structured governance framework aligned with ISO 27001.
• Oversee the development and enforcement of security policies, risk assessments, and compliance monitoring.
• Ensure continuous security monitoring and reporting to Exco for improved oversight.
• Establish a formal risk treatment plan and risk acceptance criteria.
• Lead internal policy enforcement, risk register management, audit liaison, and vendor risk review.

C. Security Operations:

• Oversee security operations and information security incident response, ensuring timely detection, analysis, and remediation of security incidents.
• Ensure timely review of threat intel supplied by SIEM monitoring, MSOC and other relevant sources.
• Drive outcomes from managed services, such as Managed SOC, DFIR, and VAPT, to triage alerts and defend audit controls.
• Lead the implementation of cloud-native security tooling and drive CI/CD pipeline hardening in partnership with Engineering & DevOps teams.
• Ensure the security of cloud workloads and infrastructure during the AWS-to-GCP migration.
• Oversee the integration of SAST, DAST, and SCA security testing tools into CI/CD pipelines.
• Consolidate Application Security (AppSec) and Product Security (ProdSec) into a unified Product Security function.

E. Team Management & Development:

• Lead and manage a team of security engineers and analysts, providing guidance, mentorship, and professional development opportunities.
• Foster a security-first mindset and promote security awareness across the organization.
• Collaborate with Engineering, DevOps, Product, Legal, IT, and Business Operations teams to prioritize security across all functions.
• Communicate effectively with leadership and stakeholders on the status of the cybersecurity program, risks, and mitigation strategies.

G. Budget Management:

• Manage the cybersecurity budget, ensuring efficient allocation of resources to support key initiatives.

Qualifications & Experiences:

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
• Minimum of 10 years of experience in cybersecurity, with at least 5 years in a leadership role.
• Strong understanding of cybersecurity frameworks, such as ISO 27001, NIST, and SOX.
• Experience with cloud security, DevSecOps, and incident response.
• Excellent leadership, communication, and interpersonal skills.
• Must demonstrate the ability to translate strategy into execution through verifiable examples of past security program implementations, not just theoretical knowledge.

CARSOME is Southeast Asia’s largest integrated car e-commerce platform. With operations across Malaysia, Indonesia, Thailand and Singapore, CARSOME aims to digitize the region’s used car industry by reshaping and elevating the car buying and selling experience.

CARSOME provides end-to-end solutions to consumers and used car dealers, from car inspection to ownership transfer to financing, promising a service that is trusted, convenient and efficient. CARSOME currently transacts around 100,000 cars annually and has more than 2,000 employees across all its offices.

CARSOME is an equal opportunities employer and welcomes applications from diverse candidates.

Press Tab to Move to Skip to Content Link

Select how often (in days) to receive an alert:

The Cybersecurity Manager will lead the organisation's security posture, deliver the execution of key security initiatives in the GDC air gapped and hybrid environments, and support Gamuda Dnex Cloud’s market presence within the specialised air gapped sovereign cloud sector. This role demands a unique blend of technical cybersecurity expertise, robust management skills, and a strong operations acumen to navigate the complexities of this highly regulated and security-sensitive market.

1. Cybersecurity Operations Management & Support

• Manage 24/7 security monitoring through SIEM, EDR, IDS/IPS.
• Lead incident response processes including triage, containment, recovery, and reporting.
• Conduct threat hunting and integrate controlled threat intelligence sources.
• Maintain post-incident analysis and manage security documentation.

2. Vulnerability Management

• Perform vulnerability assessments and categorization using tools like Tenable/Nessus.
• Manage secure patch acquisition and deployment with validation and rollback procedures.
• Enforce secure system configurations and monitor unauthorized changes.

3. Identity & Access Management (IAM)

• Monitor access logs for anomalies and enforce least privilege principles.
• Manage privileged access (PAM), and oversee authentication token issuance and revocation.
• Conduct periodic audits of access rights and activities.

4. Data Security

• Manage encryption key lifecycle and monitor Hardware Security Modules (HSM).
• Implement data loss prevention (DLP) strategies within air-gapped constraints.

5. Compliance & Auditing

• Maintain and secure audit logs for user, admin, and system activity.
• Monitor and report on compliance with frameworks like NIST, FedRAMP, and FIPS.
• Support external audits, regulatory reviews, and compliance reporting.

6. Security Engineering & Optimisation

• Manage and optimize security tools (SIEM, EDR, SOAR).
• Implement automation to improve threat detection and incident response.
• Maintain playbooks and regularly update security documentation.
• Drive continuous improvement of cybersecurity processes and tooling
• Lead a team of cybersecurity professionals with focus on sovereign cloud and air-gapped operations.
• Provide technical training, mentorship, and ensure knowledge transfer within the team.
• Manage relationships with regulators, auditors, and government clients.
• Promote a culture of compliance, security awareness, and operational excellence.

• Bachelor's degree in Computer Science, Cybersecurity, or a related field
• 6-8+ years of experience in cybersecurity, with a focus on SecOps management, security architecture, and SIEM/SOAR development within highly regulated or security-sensitive industries.
• Deep understanding of air-gapped environments, sovereign cloud solutions, and national security regulations.
• Proven experience in managing complex security programs and projects within restricted or isolated environments. Experience in Chronicle would be an advantage for this role.
• Strong support experience in developing and executing cybersecurity and Modern SecOps strategies for complex technical solutions.
• Project management skills, including knowledge of project management methodologies (e.g., PMP, Agile/Scrum).
• Strong leadership, communication, and interpersonal skills.
• Ability to work effectively in a fast-paced and dynamic environment.
• Relevant cybersecurity certifications (e.g., CISSP, CISM, Palo Alto Certified/Admin/Architect, Splunk Enterprise Architect/Admin/Power User, Modern SecOps,CEH).

Preferred Qualifications:

• Experience working with government agencies or critical infrastructure providers.
• Experience with cloud security and compliance frameworks specific to sovereign cloud environments.
• Strong network of contacts within the government and defense sectors.
• Experience with security automation and orchestration in air-gapped environments. Key

• Air-gapped security architecture and implementation
• Sovereign cloud compliance and governance
• Programme and project management in restricted environments
• Business development and sales in the government sector
• Incident response and security operations in isolated environments
• Risk management and compliance
• Team leadership and development
• Communication and stakeholder management

• 6-8+ years of experience in cybersecurity, with a focus on SecOps management, security architecture, and SIEM/SOAR development within highly regulated or security-sensitive industries.

About You

The Assistant Vice President (AVP), Cybersecurity is a leadership role responsible for the end-to-end management and strategic direction of CARSOME's cybersecurity program. This role is responsible for driving the delivery of Governance, Risk & Compliance (GRC), Security Operations, Cloud Security, and Product Security initiatives. The AVP will lead a team of security professionals to implement foundational security controls, meet audit expectations, and support strategic expansionin alignment with the Cybersecurity Strategy 2025 and ISO 27001 standards.

Key Responsibilities:

A. Leadership & Strategy:

• Provide strategic leadership and direction for the cybersecurity function, aligning with CARSOME’s overall business objectives and risk appetite.
• Develop and implement a comprehensive cybersecurity program based, to drive growth in the maturity of CARSOME's cybersecurity posture.

B. Governance, Risk & Compliance (GRC):

• Establish and maintain a structured governance framework aligned with ISO 27001.
• Oversee the development and enforcement of security policies, risk assessments, and compliance monitoring.
• Ensure continuous security monitoring and reporting to Exco for improved oversight.
• Establish a formal risk treatment plan and risk acceptance criteria.
• Lead internal policy enforcement, risk register management, audit liaison, and vendor risk review.

C. Security Operations:

• Oversee security operations and information security incident response, ensuring timely detection, analysis, and remediation of security incidents.
• Ensure timely and review of threat intel supplied by SIEM monitoring, MSOC and other relevant sources.
• Drive outcomes from managed services, such as Managed SOC, DFIR, and VAPT, to triage alerts and defend audit controls.

D. Cloud & Product Security:

• Lead the implementation of cloud-native security tooling and drive CI/CD pipeline hardening in partnership with Engineering & DevOps teams.
• Ensure the security of cloud workloads and infrastructure during the AWS-to-GCP migration.
• Oversee the integration of SAST, DAST, and SCA security testing tools into CI/CD pipelines.
• Consolidate Application Security (AppSec) and Product Security (ProdSec) into a unified Product Security function.

E. Team Management & Development:

• Lead and manage a team of security engineers and analysts, providing guidance, mentorship, and professional development opportunities.
• Foster a security-first mindset and promote security awareness across the organization.

F. Collaboration & Communication:

• Collaborate with Engineering, DevOps, Product, Legal, IT, and Business Operations teams to prioritize security across all functions.
• Communicate effectively with leadership and stakeholders on the status of the cybersecurity program, risks, and mitigation strategies.

G. Budget Management:

• Manage the cybersecurity budget, ensuring efficient allocation of resources to support key initiatives.

Qualifications & Experiences:

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
• Minimum of 10 years of experience in cybersecurity, with at least 5 years in a leadership role.
• Strong understanding of cybersecurity frameworks, such as ISO 27001, NIST, and SOX.
• Experience with cloud security, DevSecOps, and incident response.
• Excellent leadership, communication, and interpersonal skills.
• Must demonstrate the ability to translate strategy into execution through verifiable
• examples of past security program implementations, not just theoretical knowledge.

Company Overview :

Our client is a leading provider of Managed IT Security Services and Network Solutions, dedicated to safeguarding digital infrastructures and ensuring the seamless operation of IT systems for businesses of all sizes. Specializing in end-to-end solutions, they are committed to enhancing security, performance, and reliability across diverse industries.

The New Roles :

1. Lead team of cyber security analysts
2. Attend calls/complaints/requests on all operational issues
3. Analyse, investigate, and provide security consultation for all security incidents
4. Be the point of contact for the customer and the SOC for security logs monitoring, security systems, management consoles, and other monitoring tools
5. Act as a focal point for IT security investigations and direct a full investigation with recommended courses of action
6. Strategize remedial action plans for detected security incidents. Execute remedial action discovery and follow up on the effectiveness of incident solutions
7. Notify the customer on the latest advisories and threat intelligence based on new trends, threats, emerging campaigns, malicious attacks, and hacker groups
8. Coordinate with relevant parties to deliver security services in a multi-vendor environment.
9. Engage with clients and assess their digital forensic and cyber security needs
10. Lead security projects and engage in strategic planning for the deployment of information security technologies and enhancements to achieve technical solutions for all projects
11. Develop solutions to handle security incidents and coordinate investigative activities
12. Ensure that all milestones stipulated in the project plan are met within the time, quality, resource, and budget constraints
13. Prepare senior-level technical reports for executive management
14. Create and maintain close relationships with the customer and partners

Requirement to succeed:

1. At least a degree in Computer Security, Network Security, or equivalent
2. Minimum 2 years of working experience
3. Good command of spoken and written English is a must

To Apply:

If you’re interested in this role, click ‘apply now’ to submit your resume (in MS Word format) to Due to overwhelming responses, we will only be able to contact shortlisted candidates.

Job Ref: /097

Consultant: Hui Cheng Heng

Registration No: -W)

EA Licence No: JTKSM 949A

BJAK is Southeast Asia's largest digital insurance platform with millions of users across Malaysia, Thailand, Taiwan, and Japan. We are hiring a Cybersecurity Engineer to safeguard and strengthen our core technology — spanning infrastructure, cloud, applications, and devices.

This is a high-responsibility role reporting directly to senior management. It's ideal for someone who thrives in fast-paced, high-stakes environments, takes full ownership, and can act decisively under pressure. If you're looking for predictability and step-by-step instructions, this isn't for you. But if you want to directly protect millions of users with speed, autonomy, and impact, BJAK is the right place for you.

Responsibilities

• Lead end-to-end cybersecurity across infrastructure, cloud, endpoints, and applications
• Monitor SOC alerts, perform threat intelligence analysis, and manage incident response
• Implement and manage EDRs, firewalls, antivirus, IDS/IPS, and other security platforms
• Conduct vulnerability assessments and penetration tests, and implement proactive fixes
• Drive DevSecOps practices across the software development lifecycle
• Secure cloud infrastructure (GCP, AWS, Azure), including IAM, encryption, and audit logging
• Lead security audits and support compliance (ISO 27001, NIST, or equivalent frameworks)
• Collaborate with DevOps, Compliance, Legal, and Product teams to embed security culture
• Deliver employee training and run real-world attack simulations
• Own the security risk register and continuously improve controls
• Liaise with auditors, regulators, and third-party vendors

Requirements

• Bachelor's degree in Computer Science, Cybersecurity, or related field
• 3+ years' hands-on experience in cybersecurity or information security
• Strong knowledge of EDR, firewalls, SIEM, IDS/IPS, antivirus, and related tools
• Proven track record in incident handling and root cause analysis
• Cloud security experience (GCP, AWS, Azure), with knowledge of IAM and encryption
• Familiarity with compliance frameworks (ISO 27001, NIST, HIPAA, local laws)
• Solid understanding of DevSecOps and CI/CD security
• Clear communication and effective escalation skills
• Immediate availability is highly preferred

Nice to Have

• Certifications: CISSP, CEH, OSCP, or similar
• Experience in fintech, banking, or other regulated/high-risk environments
• Exposure to auditors, regulators, or compliance committees
• Ethical hacking, red teaming, or adversary simulation experience
• Scripting/automation skills for security operations at scale

What We Offer

• Competitive salary and performance-based bonuses
• Hybrid working model with high autonomy and trust
• Direct access to senior leadership and visibility on strategic matters
• High-impact role with ownership from day one
• Opportunity to shape BJAK's security architecture from the ground up
• Fast-tracked career growth in a mission-driven fintech company

Role
: Cybersecurity Assistant Manager and Manager, GRC (Both)

Key Responsibilities:

• Support daily cybersecurity governance and audit-related activities in accordance with internal policies and regulatory frameworks.
• Coordinate and track closure of security audit findings, penetration test gaps, and other risk items.
• Maintain and update security-related SOPs, policies, and documentation for internal and external audits.
• Participate in risk assessments for infrastructure, systems, and applications.
• Assist in RFP evaluations and system contract renewals from a security compliance perspective.
• Collaborate with cross-functional teams to ensure consistent application of security controls and standards.
• Support internal and external audits by preparing documentation and responding to security queries.

Required Qualifications:

• Bachelor's degree in Information Technology, Cybersecurity, or a related field.
• 3–5 years (Assistant Manager) or 6+ years (Manager) of experience in cybersecurity governance, risk, and compliance,
  MUST be within the banking or financial services sector.
• Strong knowledge of industry regulations and frameworks: ISO 27001, NIST, PCI-DSS, BNM-RMiT, etc.
• Professional certifications (one or more required):
  CISA, CISM, CISSP, ISO 27001 Lead Auditor/Implementer, CRISC, CEH
  , or equivalent.
• Solid understanding of IT infrastructure (Wintel/Unix), network and system architecture, and common audit requirements.
• Experience managing audit responses, penetration test reports, and remediation plans.
• Excellent written documentation and report-writing skills.
• Strong stakeholder management and communication skills.

*GoKardz is recruiting on behalf of our client in the Financial Service sector. Powered by our cutting-edge digital identity platform, this opportunity is part of our platform-driven services that streamline and optimise talent acquisition for leading companies.