186 Cybersecurity jobs in Kuala Lumpur

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia Tech Titan

Flexible to accommodate urgent customer needs over weekends and public holidays

Perform tasks such as issues, deploying products, collecting artefacts for debugging

Provide high quality technical support by helping customers resolve issues including explaining usage, debugging failures, pinpointing problems, implementing workarounds, increasing performance, improving security, and determining root causes

Documenting all support issue details while supporting customers to ensure details are available for all relevant parties

Work cooperatively with team members to arrive at issue resolution as per Service Level Agreement before escalating to engineering team

Contribute, maintain, and improve knowledge base articles, training materials, and other repositories of information

Report customer use cases, requirements, enhancement requests, and recommend fixes

Practice the give and take model of knowledge and experience exchange by sharing information to the team

Constantly improving job skills through participation in product, technology, and customer service training as it is made available

Participate in improving processes, communication, systems, etc.

Demonstrated Required Skills and Abilities:

Graduated with Bachelor's Degree in Computer Science or Engineering or equivalent technical experience

Able to communicate in English (written)

For Mac, Windows, Linux, iOS, or Android

In Xcode, Visual Studio, Android Studio, or Eclipse

Ability to troubleshoot system issues

Fundamental understanding of computer architecture and low-level details of the programming languages used by the products you are supporting

Interest and experience in security a great advantage

Ability to work effectively with a remote team using modern, collaborative tools such as Microsoft Teams, Zoom, and Webex

Strong customer service skills ability to work with customers in a manner that is professional, compassionate, and effective

Ability to synthesize and clearly communicate complex technical issues to technical and non-technical audiences at all levels, both internally and externally

Office Hours: Monday - Friday, 9am - 6pm

Smart Casual Fridays

Salary is negotiable depending on experience

Responsibilities

• Develop and implement comprehensive cybersecurity strategies tailored to the manufacturing industry.
• Design secure architectures and solutions to safeguard IT systems and sensitive data.
• Conduct risk assessments and vulnerability analysis to identify potential threats.
• Collaborate with cross-functional teams to integrate security measures into technology projects.
• Ensure compliance with relevant cybersecurity regulations and standards.
• Monitor and respond to security incidents, providing actionable recommendations.
• Educate and train employees on cybersecurity best practices and protocols.
• Stay updated on the latest cybersecurity trends and technologies to enhance defenses.

• A degree in Computer Science, Information Technology, or a related field.
• Proven expertise in cybersecurity principles, frameworks, and tools.
• Experience designing secure IT architectures for large organizations.
• Knowledge of industry regulations and compliance requirements.
• Strong analytical and problem-solving skills with attention to detail.
• Ability to work collaboratively with diverse teams in a fast-paced environment.
• Excellent communication skills to present technical concepts clearly.

• Attractive salary range of MYR to MYR annually.
• Performance-based bonus and 13th-month salary.
• MYR 4000 annual flexible benefits for personal use.
• Comprehensive insurance and medical coverage, including dependents.
• Enhanced EPF contribution of 15%.

This is an excellent opportunity for a Cybersecurity Architect to join a leading manufacturing organization in Malaysia. If you are passionate about technology and security, we encourage you to apply.

Contact: Ryan Wong

Phone:

Overview

APAC Talent Acquisition Lead at Cognizant

We are seeking a motivated and detail-oriented Cybersecurity Analyst with approximately 4 years of hands-on experience to support cybersecurity initiatives. The analyst will be responsible for monitoring, analyzing, and responding to security incidents, as well as assisting in the implementation of security controls and compliance measures.

• Monitor and analyze security alerts from various sources (SIEM, firewalls, endpoint protection, etc.).
• Investigate and respond to security incidents and vulnerabilities.
• Assist in the development and enforcement of security policies and procedures.
• Support vulnerability assessments and penetration testing activities.
• Maintain and update documentation related to security operations and incident response.
• Collaborate with IT and business teams to ensure secure system configurations and practices.
• Assist in compliance activities related to ISO 27001, NIST, or other relevant frameworks.
• Stay updated on emerging threats and recommend mitigation strategies.

• Bachelor’s degree in Computer Science, Information Security, or related field.
• Around 4 years of experience in cybersecurity or IT security operations.
• Familiarity with SIEM tools and antivirus.
• Understanding of network protocols, system vulnerabilities, and threat vectors.
• Basic knowledge of regulatory standards and compliance frameworks (e.g., ISO 27001, NIST, GDPR).
• Strong analytical and problem-solving skills.
• Good communication and documentation abilities.

• CompTIA Security+
• Certified Ethical Hacker (CEH)
• GIAC Security Essentials (GSEC)

• Mid-Senior level

• Full-time

• Information Technology

• IT Services and IT Consulting

We are inviting anyone with a keen interest in Cybersecurity to join our growing Malaysia team. This role is a technical role and will require someone with some basic understanding of networking technologies. However, if you do not have the required experience but has an analytic mind, we will provide the necessary training for you to grow in our company.

Responsibilities

• Monitor alerts, research threat activity and recommend appropriate remediation
• Perform triage and alert customer of any suspicious events with recommendations.
• Maintain an accurate audit trail of security requests and events
• Generate, execute and analyze security reports
• Demonstrate exceptional communication skills working with regional teams.

Requirements

• Candidate must possess at least Degree in Cybersecurity or Computer Science or equivalent.
• Candidate must
• Basic system and network security fundamentals.
• Knowledge of desktop, server, database, application and network principles for problem management, risk identification and analysis
• Able to work 12 hours shift

Job Responsibilities

● Designing and implementing cutting-edge cybersecurity solutions to protect applications, data, and infrastructure.

● Continuously improving security measures to mitigate security risks.

● Conducting vulnerability assessments, penetration testing, and risk analysis to identify and address security gaps.

● Diagnosing and responding to security incidents, ensuring rapid containment and resolution.

● Maintaining security best practices and ensuring compliance with relevant industry standards and regulations.

● Mentoring team members to enhance their cybersecurity knowledge and adherence to best practices.

● Developing and integrating security tools for monitoring, detection, and response.

● Improving automation for security testing and deployment pipelines to ensure rapid and secure software delivery.

● Collaborating with development, DevOps, and IT teams to embed security into the software development lifecycle (SDLC).

Job Requirements

● Bachelor's or Master's Degree in Computer Science, Cybersecurity, or a related field.

● 2+ years of real-world experience in cybersecurity.

● Fresh grads are encouraged to apply.

● Proven experience in anti-fraud systems, particularly in mobile security (APK protection and analysis).

● Strong knowledge of application security principles, including secure coding, encryption, authentication, and authorization.

● Hands-on experience with reverse engineering, obfuscation techniques, and tamper detection for APK security.

● Proficiency in security testing methodologies, including penetration testing, SAST, and DAST.

● Familiarity with tools such as Burp Suite, Metasploit, Frida, IDA Pro, or other reverse engineering tools.

● Experience in implementing and managing security frameworks, such as OWASP, NIST, and ISO 27001.

● Strong understanding of networking protocols, firewalls, IDS/IPS, and other security technologies.

● Proficiency in programming/scripting languages such as Python, Java, Kotlin, or C++.

● Experience with cloud security (AWS, Azure, or GCP) is a plus.

● DevSecOps and CI/CD pipeline security experience is highly preferred.

About the role

The Cybersecurity Governance & Process Analyst is a key role responsible for establishing, maintaining, and overseeing the cybersecurity governance framework and operational processes across the organization.

This position ensures that cybersecurity risks are properly identified, assessed, and managed in alignment with business objectives and regulatory requirements. The analyst focuses on developing and implementing effective cybersecurity policies, procedures, and controls while managing the enterprise risk register and driving audit findings to closure.

What you will do

Cybersecurity Governance Framework:

• Develop, implement, and maintain the organization's cybersecurity governance framework
• Ensure alignment with industry standards (NIST, ISO 27001, CIS Controls) and regulatory requirements
• Establish and maintain cybersecurity policies, standards, and guidelines

Enterprise Risk Management:

• Maintain and update the enterprise cybersecurity risk register
• Conduct regular risk assessments and facilitate risk treatment plans
• Monitor and report on cybersecurity risk posture to senior management

Process Development & Implementation:

• Design, document, and implement cybersecurity processes and procedures
• Develop and maintain process documentation, workflows, and SOPs
• Ensure process integration across security domains and business units

Audit & Compliance Management:

• Manage internal and external cybersecurity audits
• Track audit findings and coordinate remediation activities
• Prepare compliance reports and metrics for management review

Metrics & Reporting:

• Develop and monitor cybersecurity governance metrics and KPIs
• Prepare regular reports on governance effectiveness and compliance status
• Analyze trends and recommend improvements to the governance program

Skills/Competencies

Technical & Functional Competencies:

• Deep, practical knowledge of NIST CSF, NIST 800-53, ISO 27001, and CIS Critical Security Controls.
• Superior skill in writing clear, concise, and enforceable policies, standards, and procedures.
• Proficiency in risk assessment methodologies (e.g., NIST RMF, FAIR) and risk register management.
• Hands-on experience with GRC platforms (e.g., ServiceNow IRM, RSA Archer, MetricStream) to automate workflows.
• Strong understanding of audit processes and compliance requirements across multiple regulations.

Leadership & Soft Skills:

• Exceptional ability to build consensus, socialize ideas, and influence change across technical and business teams without direct authority.
• Ability to translate technical controls and risks into business terms for leadership and legal/compliance teams.
• Strong organizational skills to manage multiple parallel workstreams and policy review cycles.
• Attention to detail and process-oriented mindset

What you will need

• Bachelor's degree in computer science, Cybersecurity, or related field, or equivalent practical experience.
• 5-8 years in cybersecurity governance, risk management, or compliance roles
• Relevant industry certifications (e.g. CISSP, CISM, CRISC, CISA, CGEIT, ISO 27001 Lead Auditor/Implementer)
• Proven, hands-on experience in developing and implementing an enterprise cybersecurity policy framework from the ground up.
• Demonstrable experience in managing cybersecurity risk registers and facilitating risk assessments.
• Direct experience supporting external audits and managing remediation plans.
• Governance Framework: Accountable for the development, maintenance, and effectiveness of the cybersecurity governance framework
• Risk Management: Accountable for maintaining the enterprise cybersecurity risk register and ensuring risks are properly documented and treated
• Process Compliance: Accountable for ensuring cybersecurity processes and procedures are documented, implemented, and followed across the organization
• Audit Management: Accountable for tracking and ensuring timely closure of all cybersecurity audit findings and compliance gaps
• Reporting Accuracy: Accountable for the accuracy and timeliness of cybersecurity governance reporting to management and relevant committees
• Policy Management: Accountable for the regular review and update of cybersecurity policies and standards to ensure ongoing relevance and effectiveness

Talent acquisition based on Nexperia vacancies is not appreciated. Nexperia job adverts are Nexperia copyright material and the word Nexperia is a registered trademark.

D&I Statement

As an equal-opportunity employer, Nexperia values diversity not just because it is the right thing to do but because diverse teams perform better. We are dedicated to being inclusive, and a proof point of this dedication is that we were the main partner of the very first Dutch Paralympic Team NL House during the Paris 2024 Paralympic Games. Our recruitment process is inclusive and accessible to all, and we consider all applicants fairly, as well as providing a safe work environment and reasonable adjustments where requested.

In addition, we offer our colleagues the possibility to join employee resource groups such as the Pride Network Group or global and local Women's groups. Nexperia is committed to increasing women in management positions to 30% by 2030.

Key Responsibilities

1 1. Project Management & Security Tool Implementation

• Own and drive implementation of core security technologies (e.g., SIEM/Sentinel, SOAR, MDE, MDO, Purview, Intune, PAM, CASB).
• Define project scope, milestones, deliverables, and success criteria for security initiatives.
• Ensure on-time delivery of projects, managing risks, dependencies, and vendor support.
• Develop runbooks, SOPs, and integration workflows for newly deployed tools.
• Provide executive progress updates and ensure ROI from tool investments.

2. Governance, Policy & Compliance

• Develop, update, and enforce information security policies (Information Security, Privacy, Acceptable Use, Governance, Risk Management).
• Maintain ISMS/PIMS scope, Statement of Applicability, and compliance documentation.
• Deliver compliance and audit-ready reports, including security metrics packs and awareness training records.

3. Risk Management

• Maintain risk registers, treatment/action plans, and exception registers.
• Monitor regulatory obligations and implement risk mitigation measures.
• Deliver actionable reporting on risk exposure and treatment effectiveness.

4. Identity & Access Management

• Oversee access recertifications, privileged access reviews, and service account governance.
• Ensure MFA, conditional access, and jump host governance are enforced.

5. Security Operations & Incident Response

• Deliver security reports (phishing simulations, DLP, EDR/NDR, incident tickets, PIRs).
• Ensure tuning and coverage of SIEM use cases, EDR/EPP, NDR, and DLP policies.
• Oversee incident lifecycle: detection, escalation, investigation, and post-mortems.

6. Vulnerability & Patch Management

• Deliver patch compliance dashboards and vulnerability remediation tracking.
• Ensure configuration baselines and deviations are regularly reported.
• Monitor third-party vulnerability bulletins and coordinate patching actions.

7. Cloud & Platform Security

• Deliver CSPM tracking and M365 Secure Score plans.
• Oversee email security baselines, audit logging, and retention compliance.
• Drive deployment of Purview for DLP, sensitivity labeling, insider risk, and eDiscovery.

8. Business Continuity & Third-Party Risk

• Deliver Disaster Recovery Plans and test reports with clear action tracking.
• Ensure vendor onboarding/offboarding processes include security reviews.
• Maintain supplier due diligence records and third-party monitoring reports.

Key Deliverables

• Project-based:
• Security tool implementations completed on time and within scope.
• Runbooks, SOPs, and playbooks for each deployed tool.
• Integration of tools into SOC workflows (SIEM, SOAR, EDR, CASB, DLP, PAM).
• Governance & Risk:
• Approved and up-to-date security policies and ISMS/PIMS documentation.
• Risk assessment reports, treatment plans, and compliance dashboards.
• Regulatory compliance documentation (ISO 27001, SOC 2, PCI-DSS, GDPR, PDPA).
• Operations & Reporting:
• Monthly security metrics packs and management dashboards.
• Incident response reports, tabletop exercise findings, and PIRs.
• Patch, vulnerability, and configuration compliance dashboards.
• CSPM, M365, and Intune security baselines with measured improvements.
• Awareness & Training:
• Organization-wide training records, phishing simulation results, and awareness metrics.

Skills & Qualifications

• Bachelor's degree in Information Security, Computer Science, or related field.
• Certifications: CISSP, CISM, PMP/Prince2 (for project delivery), ISO 27001 Lead Implementer.
• Proven track record of delivering security tool projects (Microsoft stack preferred).
• Strong knowledge of GRC frameworks (NIST CSF, ISO 27001, MITRE ATT&CK).
• Hands-on experience in SIEM, SOAR, DLP, CASB, EDR, PAM, and cloud security controls.
• Experience in vendor and third-party risk management.
• Strong leadership, stakeholder communication, and project reporting skills.

Company Description

YTL Power International Berhad is an international multi-utility owner and operator, active across key segments of the utilities industry. With operations, investments, and projects in Malaysia, Singapore, the United Kingdom, Indonesia, Jordan, and the Netherlands, YTL Power engages in power generation, water and sewerage, telecommunications, digital technologies, and investment holding activities. As of February 2025, the company's total assets stand at approximately USD 15 billion. We are committed to sustainable practices and innovative solutions in the utilities sector.

Role Description

This is a full-time hybrid role for a Cybersecurity Architect, located in WP. Kuala Lumpur with some work-from-home flexibility. The Cybersecurity Architect will be responsible for designing and implementing security architecture, ensuring application security, and maintaining robust network and information security. Day-to-day tasks include evaluating and addressing security threats, developing security strategies, and collaborating with various teams to ensure integration of security protocols.

Qualifications

• Proficiency in Security Architecture Design and Cybersecurity
• Experience in Application Security and Network Security
• Strong knowledge in Information Security
• Excellent problem-solving and analytical skills
• Ability to work both independently and collaboratively in a hybrid environment
• Bachelor's degree in Computer Science, Information Technology, or related field
• Relevant certifications such as CISSP, CISM, or CEH are a plus
• Experience in the utilities industry is an advantage