What Jobs are available for Iam Analyst in Malaysia?
Showing 5 Iam Analyst jobs in Malaysia
Identity and Access Management (IDAM) Engineer
Kuala Lumpur, Kuala Lumpur
AVEVA
Posted 4 days ago
Job Viewed
Job Description
**AVEVA is a global leader in industrial software. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life - such as energy, infrastructure, chemicals and minerals - safely, efficiently and more sustainably.**
**We're the first software business in the world to have our sustainability targets validated by the SBTi, and we've been recognized for the transparency and ambition of our commitment to diversity, equity, and inclusion. We've also recently been named as one of the world's most innovative companies.**
**If you're a curious and collaborative person who wants to make a big impact through technology, then we want to hear from you! Find out more at AVEVA Careers ( .**
**For more information about our privacy policy and how to manage cookies, visit our** **Privacy Policy ( **.**
**Job Title: IDAM Engineer**
**Location: Kuala Lumpur**
**Employment Type:** Full Time, regular employment, Hybrid work arrangement
**The job**
AVEVA are looking for an Identity and Access Management (IDAM) focused Engineer with a strong background in engineering hybrid Windows platforms to join our growing team. The AVEVA IT team is dedicated to securing access to AVEVA's platforms. The IDAM Engineer will be responsible for delivering and maintaining modern and legacy infrastructure required to support a rapidly growing software company. You will play a crucial role in furthering the security posture of the organization through a combination of technical hands-on work and collaboration with cross-functional engineers to drive transformational security projects.
**Key Responsibilities**
+ Maintain and monitor IAM and Messaging systems. Operate and maintain multi-site Active Directory domains & forests, inclusive of cloud infrastructure components within Microsoft Azure
+ Adhere to and develop guidelines/processes for deploying, monitoring, maintaining, and documenting essential infrastructure services
+ Respond to critical issue occurrences to resolution
+ Provide accurate, complete, and up to date diagrams and documentation of systems architecture
+ Provide level 2 support and coordinate as needed with the technology vendors (performing diagnosis on incidents, implementing standard changes to the infrastructure)
+ Troubleshoot and manage the resolution of issues relating to identities, systems, access, accounts, authentication, authorization, entitlements, and permissions
+ Work in concert with security teams to harden infrastructure systems and monitor for malware and unauthorized access
**Essential Capabilities**
+ A solid foundation in Microsoft security policies and configurations spanning Microsoft cloud services (SaaS/PaaS), IAM, and Privilege Access Management domains
+ A strong understanding of industry standard SSO technologies and authentication methods (OpenID Connect, SAML, OAuth, Kerberos, LDAP, etc.)
+ Production-level experience implementing and supporting Microsoft security infrastructure
+ An eagerness to produce scalable and repeatable security practices through automation
**Essential Experience**
+ Demonstrated experience managing and securing Azure resources using code-driven methods.
+ A broad knowledge and understanding of the cyber security threat landscape.
+ Significant and proven experience of dealing with IDAM systems incidents and associated response measures.
+ Excellent written and oral communication skills in English
**Desirable Experience**
+ At least of 2 years of professional experience in the IAM field focused roles on delivering security in cloud native, distributed architectural solutions in complex environments
+ Knowledge and/or a proven record of success in the following areas
+ Continuous integration, development and testing practices and dabble in DevOps tools and standards
+ One Identity suite of products
+ Familiarity with scripting languages, such as PowerShell and Python, to automate IDAM tasks
+ Bachelor's degree in computer science, Engineering, Mathematics, related field; or equivalent combination of education/professional experience in a similar role
+ Relevant technical certifications a plus
**Behaviours**
+ Strong ability to communicate with both and technical and non-technical team members
+ Customer focused mindset and is capable of flexing and delivering security solutions to meet the business needs by still achieving the high security standards
+ Growth mindset, passionate to learn and use new/emerging technologies.
+ Must work well independently and with others as part of larger team and be able to collaborate on cross-functional teams
**IT at AVEVA**
Our global team of 300+ IT professionals is responsible for the systems and platforms that keep AVEVA running. By empowering our colleagues and ensuring the smooth operation of the company, we help keep the business healthy and productivity high. We also provide key support for the transformation and modernisation efforts globally.
We pride ourselves on a collaborative, inclusive and authentic culture that provides a framework allowing for autonomy, whilst always being available for support and guidance. We respect the differences that each team member brings and seek to include those perspectives in our solutions for our business functions. The energy and sense of purpose is evident when talking to team members, you will feel part of something special from the first day you join.
Find out more: requires all successful applicants to undergo and pass a comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria.**
**AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business.**
**Come and join AVEVA to create the transformative technology that enables our customers to engineer a better world.**
Empowering you with pioneering tech
AVEVA is a global leader in industrial software. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life - such as energy, infrastructure, chemicals and minerals - safely, efficiently and more sustainably.
We're the first software business in the world to have our sustainability targets validated by the SBTi, and we've been recognized for the transparency and ambition of our commitment to diversity, equity, and inclusion. We've also recently been named as one of the world's most innovative companies.
If you're a curious and collaborative person who wants to make a big impact through technology, then we want to hear from you! Find out more at AVEVA Careers ( .
For more information about our privacy policy and how to manage cookies, visit our Privacy Policy ( .
**We're the first software business in the world to have our sustainability targets validated by the SBTi, and we've been recognized for the transparency and ambition of our commitment to diversity, equity, and inclusion. We've also recently been named as one of the world's most innovative companies.**
**If you're a curious and collaborative person who wants to make a big impact through technology, then we want to hear from you! Find out more at AVEVA Careers ( .**
**For more information about our privacy policy and how to manage cookies, visit our** **Privacy Policy ( **.**
**Job Title: IDAM Engineer**
**Location: Kuala Lumpur**
**Employment Type:** Full Time, regular employment, Hybrid work arrangement
**The job**
AVEVA are looking for an Identity and Access Management (IDAM) focused Engineer with a strong background in engineering hybrid Windows platforms to join our growing team. The AVEVA IT team is dedicated to securing access to AVEVA's platforms. The IDAM Engineer will be responsible for delivering and maintaining modern and legacy infrastructure required to support a rapidly growing software company. You will play a crucial role in furthering the security posture of the organization through a combination of technical hands-on work and collaboration with cross-functional engineers to drive transformational security projects.
**Key Responsibilities**
+ Maintain and monitor IAM and Messaging systems. Operate and maintain multi-site Active Directory domains & forests, inclusive of cloud infrastructure components within Microsoft Azure
+ Adhere to and develop guidelines/processes for deploying, monitoring, maintaining, and documenting essential infrastructure services
+ Respond to critical issue occurrences to resolution
+ Provide accurate, complete, and up to date diagrams and documentation of systems architecture
+ Provide level 2 support and coordinate as needed with the technology vendors (performing diagnosis on incidents, implementing standard changes to the infrastructure)
+ Troubleshoot and manage the resolution of issues relating to identities, systems, access, accounts, authentication, authorization, entitlements, and permissions
+ Work in concert with security teams to harden infrastructure systems and monitor for malware and unauthorized access
**Essential Capabilities**
+ A solid foundation in Microsoft security policies and configurations spanning Microsoft cloud services (SaaS/PaaS), IAM, and Privilege Access Management domains
+ A strong understanding of industry standard SSO technologies and authentication methods (OpenID Connect, SAML, OAuth, Kerberos, LDAP, etc.)
+ Production-level experience implementing and supporting Microsoft security infrastructure
+ An eagerness to produce scalable and repeatable security practices through automation
**Essential Experience**
+ Demonstrated experience managing and securing Azure resources using code-driven methods.
+ A broad knowledge and understanding of the cyber security threat landscape.
+ Significant and proven experience of dealing with IDAM systems incidents and associated response measures.
+ Excellent written and oral communication skills in English
**Desirable Experience**
+ At least of 2 years of professional experience in the IAM field focused roles on delivering security in cloud native, distributed architectural solutions in complex environments
+ Knowledge and/or a proven record of success in the following areas
+ Continuous integration, development and testing practices and dabble in DevOps tools and standards
+ One Identity suite of products
+ Familiarity with scripting languages, such as PowerShell and Python, to automate IDAM tasks
+ Bachelor's degree in computer science, Engineering, Mathematics, related field; or equivalent combination of education/professional experience in a similar role
+ Relevant technical certifications a plus
**Behaviours**
+ Strong ability to communicate with both and technical and non-technical team members
+ Customer focused mindset and is capable of flexing and delivering security solutions to meet the business needs by still achieving the high security standards
+ Growth mindset, passionate to learn and use new/emerging technologies.
+ Must work well independently and with others as part of larger team and be able to collaborate on cross-functional teams
**IT at AVEVA**
Our global team of 300+ IT professionals is responsible for the systems and platforms that keep AVEVA running. By empowering our colleagues and ensuring the smooth operation of the company, we help keep the business healthy and productivity high. We also provide key support for the transformation and modernisation efforts globally.
We pride ourselves on a collaborative, inclusive and authentic culture that provides a framework allowing for autonomy, whilst always being available for support and guidance. We respect the differences that each team member brings and seek to include those perspectives in our solutions for our business functions. The energy and sense of purpose is evident when talking to team members, you will feel part of something special from the first day you join.
Find out more: requires all successful applicants to undergo and pass a comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third party personal data may involve additional background check criteria.**
**AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business.**
**Come and join AVEVA to create the transformative technology that enables our customers to engineer a better world.**
Empowering you with pioneering tech
AVEVA is a global leader in industrial software. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life - such as energy, infrastructure, chemicals and minerals - safely, efficiently and more sustainably.
We're the first software business in the world to have our sustainability targets validated by the SBTi, and we've been recognized for the transparency and ambition of our commitment to diversity, equity, and inclusion. We've also recently been named as one of the world's most innovative companies.
If you're a curious and collaborative person who wants to make a big impact through technology, then we want to hear from you! Find out more at AVEVA Careers ( .
For more information about our privacy policy and how to manage cookies, visit our Privacy Policy ( .
Is this job a match or a miss?
This advertiser has chosen not to accept applicants from your region.
0
Analyst 5, Security
SanDisk
Posted 2 days ago
Job Viewed
Job Description
**Company Description**
Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today's needs and tomorrow's next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we're living in and that we have the power to shape.
Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality.
Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward.
**Job Description**
**ESSENTIAL DUTIES AND RESPONSIBILITIES:**
We are seeking a highly skilled and experienced **Senior Firewall Engineer** to join our cybersecurity team. This role is critical to maintaining and enhancing our network security posture across multiple platforms. The ideal candidate will have deep expertise in Next Generation Firewall technologies such as Palo Alto Networks, or Fortinet, or Cisco firewall technologies, and will play a key role in designing, implementing, and managing firewall policies and infrastructure.
**Key Responsibilities**
+ Design, implement, and manage firewall policies across multiple firewalls.
+ Administer and optimize centralized management of firewalls.
+ Perform rule reviews, object reuse, and policy optimization to ensure efficient and secure configurations.
+ Collaborate with network and security teams to support secure architecture and segmentation.
+ Monitor and respond to firewall-related alerts and incidents.
+ Conduct regular audits and compliance checks on firewall configurations.
+ Lead firewall migrations, upgrades, and integrations with other security tools.
+ Document configurations, change requests, and operational procedures.
**Qualifications**
**Required**
+ 5+ years of hands-on experience managing enterprise firewalls.
+ Strong expertise in Palo Alto Networks Firewalls, Fortinet FortiGate, or Cisco ASA/Firepower.
+ Strong expertise in Panorama, FortiManager, or **Cisco Secure Firewall Management Center**
+ Solid understanding of network protocols, routing, and VPN technologies.
+ Familiarity with rule lifecycle management and change control processes.
+ Experience with logging, monitoring, and troubleshooting firewall traffic.
**Preferred**
+ Palo Alto Networks certifications (e.g., PCNSA, PCNSE).
+ Fortinet NSE certifications.
+ Cisco CCNP Security or equivalent
+ CISSP
+ Experience with automation tools (e.g., Ansible, Terraform) for firewall management.
+ Knowledge of Zero Trust architecture and segmentation strategies.
+ Operational Technology Background/Experience
**Skills**
+ Excellent analytical and problem-solving skills.
+ Strong communication and documentation abilities.
**Additional Information**
Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.
Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at ( ) to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.
**NOTICE TO CANDIDATES:** Sandisk has received reports of scams where a payment is requested on Sandisk's behalf as a condition for receiving an offer of employment. Please be aware that Sandisk and its subsidiaries will never request payment as a condition for applying for a position or receiving an offer of employment. Should you encounter any such requests, please report it immediately to Sandisk Ethics Helpline ( or email
Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today's needs and tomorrow's next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we're living in and that we have the power to shape.
Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality.
Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward.
**Job Description**
**ESSENTIAL DUTIES AND RESPONSIBILITIES:**
We are seeking a highly skilled and experienced **Senior Firewall Engineer** to join our cybersecurity team. This role is critical to maintaining and enhancing our network security posture across multiple platforms. The ideal candidate will have deep expertise in Next Generation Firewall technologies such as Palo Alto Networks, or Fortinet, or Cisco firewall technologies, and will play a key role in designing, implementing, and managing firewall policies and infrastructure.
**Key Responsibilities**
+ Design, implement, and manage firewall policies across multiple firewalls.
+ Administer and optimize centralized management of firewalls.
+ Perform rule reviews, object reuse, and policy optimization to ensure efficient and secure configurations.
+ Collaborate with network and security teams to support secure architecture and segmentation.
+ Monitor and respond to firewall-related alerts and incidents.
+ Conduct regular audits and compliance checks on firewall configurations.
+ Lead firewall migrations, upgrades, and integrations with other security tools.
+ Document configurations, change requests, and operational procedures.
**Qualifications**
**Required**
+ 5+ years of hands-on experience managing enterprise firewalls.
+ Strong expertise in Palo Alto Networks Firewalls, Fortinet FortiGate, or Cisco ASA/Firepower.
+ Strong expertise in Panorama, FortiManager, or **Cisco Secure Firewall Management Center**
+ Solid understanding of network protocols, routing, and VPN technologies.
+ Familiarity with rule lifecycle management and change control processes.
+ Experience with logging, monitoring, and troubleshooting firewall traffic.
**Preferred**
+ Palo Alto Networks certifications (e.g., PCNSA, PCNSE).
+ Fortinet NSE certifications.
+ Cisco CCNP Security or equivalent
+ CISSP
+ Experience with automation tools (e.g., Ansible, Terraform) for firewall management.
+ Knowledge of Zero Trust architecture and segmentation strategies.
+ Operational Technology Background/Experience
**Skills**
+ Excellent analytical and problem-solving skills.
+ Strong communication and documentation abilities.
**Additional Information**
Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.
Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at ( ) to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.
**NOTICE TO CANDIDATES:** Sandisk has received reports of scams where a payment is requested on Sandisk's behalf as a condition for receiving an offer of employment. Please be aware that Sandisk and its subsidiaries will never request payment as a condition for applying for a position or receiving an offer of employment. Should you encounter any such requests, please report it immediately to Sandisk Ethics Helpline ( or email
Is this job a match or a miss?
This advertiser has chosen not to accept applicants from your region.
1
Cybersecurity Analyst (Cloud Security)
Kuala Lumpur, Kuala Lumpur
Upscale Sdn Bhd
Posted today
Job Viewed
Job Description
We are seeking a passionate and detail-oriented Cybersecurity Analyst with 13 years of hands-on experience and a CCSP (Certified Cloud Security Professional) certification. The ideal candidate will be responsible for protecting the organizations cloud infrastructure, ensuring compliance with cybersecurity frameworks, and supporting continuous improvement of our security posture.
Key Responsibilities:-
Implement and monitor cloud security controls across platforms such as AWS, Azure, or Google Cloud.
-
Conduct vulnerability assessments , risk analysis , and assist in incident response activities.
-
Work with IT and DevOps teams to ensure secure cloud architecture and data protection practices.
-
Support security policy development , configuration management, and compliance audits (e.g., ISO 27001, PDPA, NIST).
-
Perform security monitoring using SIEM tools and escalate potential threats for remediation.
-
Assist in developing and maintaining disaster recovery and business continuity plans.
-
Stay updated with emerging cybersecurity threats and recommend preventive measures .
-
Provide training or awareness sessions to staff on cyber hygiene and cloud best practices .
Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field.
-
1-3 years of professional experience in information security, cloud security, or IT infrastructure.
-
CCSP certification (mandatory).
-
Good understanding of cloud platforms (AWS, Azure, GCP) and their native security features.
-
Familiarity with firewalls, IDS/IPS, endpoint protection , and security monitoring tools .
-
Knowledge of network protocols , identity & access management (IAM) , and encryption technologies .
-
Awareness of relevant regulatory frameworks in Malaysia such as PDPA and Bank Negara Malaysia's RMiT guidelines (advantageous).
-
Strong analytical, communication, and problem-solving skills.
Is this job a match or a miss?
This advertiser has chosen not to accept applicants from your region.
2
Analyst 4, IT Security
SanDisk
Posted 11 days ago
Job Viewed
Job Description
**Company Description**
Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today's needs and tomorrow's next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we're living in and that we have the power to shape.
Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality.
Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward.
**Job Description**
As Information Security Analyst 4, you will be critical in advancing Sandisk's information security Governance, Risk Management, and Compliance (GRC) program. You will develop and implement global, company-wide information security risk management frameworks, policies, and procedures. You will manage and assess information security risks and develop robust risk management strategies in partnership with global operations and manufacturing teams. You will collaborate with guidance and analysis to enhance our information security posture and ensure compliance with industry standards and regulations.
**ESSENTIAL DUTIES AND RESPONSIBILITIES:**
+ Implement global enterprise-wide risk management frameworks that aligns with industry standards (e.g. ISO27001, NIST etc).
+ Act as a liaison between Information Security and Sandisk teams in Penang to ensure alignment of cybersecurity policies with operational and manufacturing requirements.
+ Perform technical and business process risk assessment activities to identify, evaluate, and prioritize information security risks across the organization, including threats, vulnerabilities, and potential impacts to information and technology assets.
+ Develop and drive implementation of effective technical and non-technical risk management strategies to mitigate identified risks, ensuring alignment with industry best practices and regulatory requirements.
+ Collaborate across the organization to ensure the integration of risk management practices into organizational processes and projects.
+ Analyze security data to identify trends, vulnerabilities, and areas for improvement.
+ Collaborate with internal and external auditors to facilitate security audits and assessments.
+ Stay current with industry trends, emerging threats, and best practices for information security and risk management.
+ Provide guidance and support in developing and maintaining information security policies, standards, and procedures.
**Qualifications**
REQUIRED:
+ Bachelor's degree in Information Security, Computer Science, or equivalent work experience.
+ 4+ years of experience in information security, including risk management, risk assessments, reporting, and metrics analysis, and hands-on with at least one of the following: security engineering, network security, identity and access management, security operations, and/or software development security.
+ 2+ years of experience in technical roles, or similar technical proficiency are highly desirable.
PREFERRED:
+ Strong leadership, communication, and stakeholder management skills with the ability to bridge technical InfoSec requirements and operational priorities across factory and office environments
+ Excellent analytical and problem-solving skills with attention to detail
+ Ability to work independently and collaboratively in a fast-paced environment
+ Proficiency in risk assessments, vulnerability assessments, and compliance audits
+ Strong understanding of information security frameworks, standards, and best practices (e.g., ISO 27001, NIST, GDPR)
+ Relevant certifications such as CISSP, CISM, CRISC, GSNA or similar are desirable
+ Technical certifications such as GCIH, GPEN, CEH, OSCP or similar are desirable
**Additional Information**
Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.
Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at ( ) to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.
**NOTICE TO CANDIDATES:** Sandisk has received reports of scams where a payment is requested on Sandisk's behalf as a condition for receiving an offer of employment. Please be aware that Sandisk and its subsidiaries will never request payment as a condition for applying for a position or receiving an offer of employment. Should you encounter any such requests, please report it immediately to Sandisk Ethics Helpline ( or email
Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today's needs and tomorrow's next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we're living in and that we have the power to shape.
Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality.
Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward.
**Job Description**
As Information Security Analyst 4, you will be critical in advancing Sandisk's information security Governance, Risk Management, and Compliance (GRC) program. You will develop and implement global, company-wide information security risk management frameworks, policies, and procedures. You will manage and assess information security risks and develop robust risk management strategies in partnership with global operations and manufacturing teams. You will collaborate with guidance and analysis to enhance our information security posture and ensure compliance with industry standards and regulations.
**ESSENTIAL DUTIES AND RESPONSIBILITIES:**
+ Implement global enterprise-wide risk management frameworks that aligns with industry standards (e.g. ISO27001, NIST etc).
+ Act as a liaison between Information Security and Sandisk teams in Penang to ensure alignment of cybersecurity policies with operational and manufacturing requirements.
+ Perform technical and business process risk assessment activities to identify, evaluate, and prioritize information security risks across the organization, including threats, vulnerabilities, and potential impacts to information and technology assets.
+ Develop and drive implementation of effective technical and non-technical risk management strategies to mitigate identified risks, ensuring alignment with industry best practices and regulatory requirements.
+ Collaborate across the organization to ensure the integration of risk management practices into organizational processes and projects.
+ Analyze security data to identify trends, vulnerabilities, and areas for improvement.
+ Collaborate with internal and external auditors to facilitate security audits and assessments.
+ Stay current with industry trends, emerging threats, and best practices for information security and risk management.
+ Provide guidance and support in developing and maintaining information security policies, standards, and procedures.
**Qualifications**
REQUIRED:
+ Bachelor's degree in Information Security, Computer Science, or equivalent work experience.
+ 4+ years of experience in information security, including risk management, risk assessments, reporting, and metrics analysis, and hands-on with at least one of the following: security engineering, network security, identity and access management, security operations, and/or software development security.
+ 2+ years of experience in technical roles, or similar technical proficiency are highly desirable.
PREFERRED:
+ Strong leadership, communication, and stakeholder management skills with the ability to bridge technical InfoSec requirements and operational priorities across factory and office environments
+ Excellent analytical and problem-solving skills with attention to detail
+ Ability to work independently and collaboratively in a fast-paced environment
+ Proficiency in risk assessments, vulnerability assessments, and compliance audits
+ Strong understanding of information security frameworks, standards, and best practices (e.g., ISO 27001, NIST, GDPR)
+ Relevant certifications such as CISSP, CISM, CRISC, GSNA or similar are desirable
+ Technical certifications such as GCIH, GPEN, CEH, OSCP or similar are desirable
**Additional Information**
Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.
Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at ( ) to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.
**NOTICE TO CANDIDATES:** Sandisk has received reports of scams where a payment is requested on Sandisk's behalf as a condition for receiving an offer of employment. Please be aware that Sandisk and its subsidiaries will never request payment as a condition for applying for a position or receiving an offer of employment. Should you encounter any such requests, please report it immediately to Sandisk Ethics Helpline ( or email
Is this job a match or a miss?
This advertiser has chosen not to accept applicants from your region.
3
Analyst 4, IT Security
SanDisk
Posted 11 days ago
Job Viewed
Job Description
**Company Description**
Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today's needs and tomorrow's next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we're living in and that we have the power to shape.
Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality.
Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward.
**Job Description**
As an Information Security Analyst 4, you will play a pivotal role in advancing Sandisk's Information Security Governance, Risk Management, and Compliance (GRC) program. You will be a key contributor to the Responsible GenAI Program, leading security risk assessments, collaborating with cross-functional teams, and helping operationalize governance processes. You will work closely with business stakeholders, Legal, IT, and Information Security to ensure GenAI use cases are evaluated, de-risked, and aligned with Western Digital's security and compliance standards. Additionally, you will support the development, enhancement, and implementation of enterprise-wide information security risk management frameworks, policies, and procedures aligned with industry standards, regulatory requirements, and organizational objectives. Your expertise will help strengthen our security posture and ensure compliance across the organization.
**ESSENTIAL DUTIES AND RESPONSIBILITIES:**
As Responsible GenAI Program Operator and Assessor :
+ Operate and manage the Responsible GenAI program, overseeing intake, coordination, and tracking of GenAI use cases, platforms, and vendors.
+ Conduct GenAI risk assessments focused on data sensitivity, access controls, model interfaces, and memory sources, recommending mitigation strategies for high-risk use cases.
+ Ensure compliance with legal and regulatory standards by collaborating with Legal and procurement SMEs on privacy, licensing, and governance requirements.
+ Integrate GenAI risk practices into procurement, vendor management, and IT risk workflows to strengthen enterprise-wide governance.
+ Support policy development and continuous improvement, contributing to GenAI governance documentation and Enablement Committee reviews for high-risk or pilot use cases.
As GRC Security Analyst :
+ Implement enterprise-wide risk management frameworks aligned with ISO 27001, NIST CSF 2.0, and other industry standards.
+ Conduct technical and business process risk assessments to identify, evaluate, and mitigate information security risks.
+ Collaborate cross-functionally to embed risk management into organizational processes, projects, and compliance initiatives.
+ Support audits and reporting by generating risk metrics and assisting with internal and external security assessments.
**Qualifications**
REQUIRED:
+ Bachelor's degree in Information Security, Computer Science, or a related field, with 4+ years of experience in Information Security, focusing on GRC or risk management.
+ Expertise in risk assessments across technical and business processes, including working knowledge of SANS, OWASP, and CSA AI security frameworks.
+ Familiarity with GenAI technologies and risks, including prompt injection and data leakage, and understanding of responsible AI principles.
+ Knowledge of AI governance standards, including ISO 42001/42005 and NIST AI RMF; 2+ years of experience with AI technologies and technical roles is highly desirable.
PREFERRED:
+ Security/GRC: CISSP, CISM, CRISC, GSNA (or equivalent)
+ Technical: GCIH, GPEN, CEH, OSCP (or equivalent)
+ Experience supporting AI/ML or GenAI programs in a governance or security role is highly desirable
SKILLS:
+ Strong communication and stakeholder engagement skills, with the ability to thrive in fast-paced, cross-functional environments.
**Additional Information**
Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.
Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at ( ) to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.
**NOTICE TO CANDIDATES:** Sandisk has received reports of scams where a payment is requested on Sandisk's behalf as a condition for receiving an offer of employment. Please be aware that Sandisk and its subsidiaries will never request payment as a condition for applying for a position or receiving an offer of employment. Should you encounter any such requests, please report it immediately to Sandisk Ethics Helpline ( or email
Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today's needs and tomorrow's next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we're living in and that we have the power to shape.
Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality.
Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward.
**Job Description**
As an Information Security Analyst 4, you will play a pivotal role in advancing Sandisk's Information Security Governance, Risk Management, and Compliance (GRC) program. You will be a key contributor to the Responsible GenAI Program, leading security risk assessments, collaborating with cross-functional teams, and helping operationalize governance processes. You will work closely with business stakeholders, Legal, IT, and Information Security to ensure GenAI use cases are evaluated, de-risked, and aligned with Western Digital's security and compliance standards. Additionally, you will support the development, enhancement, and implementation of enterprise-wide information security risk management frameworks, policies, and procedures aligned with industry standards, regulatory requirements, and organizational objectives. Your expertise will help strengthen our security posture and ensure compliance across the organization.
**ESSENTIAL DUTIES AND RESPONSIBILITIES:**
As Responsible GenAI Program Operator and Assessor :
+ Operate and manage the Responsible GenAI program, overseeing intake, coordination, and tracking of GenAI use cases, platforms, and vendors.
+ Conduct GenAI risk assessments focused on data sensitivity, access controls, model interfaces, and memory sources, recommending mitigation strategies for high-risk use cases.
+ Ensure compliance with legal and regulatory standards by collaborating with Legal and procurement SMEs on privacy, licensing, and governance requirements.
+ Integrate GenAI risk practices into procurement, vendor management, and IT risk workflows to strengthen enterprise-wide governance.
+ Support policy development and continuous improvement, contributing to GenAI governance documentation and Enablement Committee reviews for high-risk or pilot use cases.
As GRC Security Analyst :
+ Implement enterprise-wide risk management frameworks aligned with ISO 27001, NIST CSF 2.0, and other industry standards.
+ Conduct technical and business process risk assessments to identify, evaluate, and mitigate information security risks.
+ Collaborate cross-functionally to embed risk management into organizational processes, projects, and compliance initiatives.
+ Support audits and reporting by generating risk metrics and assisting with internal and external security assessments.
**Qualifications**
REQUIRED:
+ Bachelor's degree in Information Security, Computer Science, or a related field, with 4+ years of experience in Information Security, focusing on GRC or risk management.
+ Expertise in risk assessments across technical and business processes, including working knowledge of SANS, OWASP, and CSA AI security frameworks.
+ Familiarity with GenAI technologies and risks, including prompt injection and data leakage, and understanding of responsible AI principles.
+ Knowledge of AI governance standards, including ISO 42001/42005 and NIST AI RMF; 2+ years of experience with AI technologies and technical roles is highly desirable.
PREFERRED:
+ Security/GRC: CISSP, CISM, CRISC, GSNA (or equivalent)
+ Technical: GCIH, GPEN, CEH, OSCP (or equivalent)
+ Experience supporting AI/ML or GenAI programs in a governance or security role is highly desirable
SKILLS:
+ Strong communication and stakeholder engagement skills, with the ability to thrive in fast-paced, cross-functional environments.
**Additional Information**
Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.
Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at ( ) to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.
**NOTICE TO CANDIDATES:** Sandisk has received reports of scams where a payment is requested on Sandisk's behalf as a condition for receiving an offer of employment. Please be aware that Sandisk and its subsidiaries will never request payment as a condition for applying for a position or receiving an offer of employment. Should you encounter any such requests, please report it immediately to Sandisk Ethics Helpline ( or email
Is this job a match or a miss?
This advertiser has chosen not to accept applicants from your region.
Be The First To Know
About the latest Iam analyst Jobs in Malaysia !
4