530 Information Security jobs in Malaysia
Head of Information Security
Posted today
Job Viewed
Job Description
Closing Date : 30/09/2025Head of Information Security
Life at U Mobile
We are Passionate, Innovative, Trustworthy, Team-Oriented & Fun-Loving.
At U Mobile, we are always on the lookout for great talents and passionate individuals to join our growing team.
Let’s start your journey with an award-winning organization!
#UnbeatableCareerAwaits
Top Reasons To Join Us!
• Awarded For
o Most Preferred Employers in Telecommunication Industry (2022, 2023 & 2024)
o Bronze Winner in Cross-Generational Workforce Engagement (2024)
o Gold Winner for Excellence in Workplace Culture (2021)
• Comprehensive medical, dental, optical and insurance benefits
• Flexi working hours arrangements
• Staff Line & Device Subsidy
• Smart Casual Attire
• Child Parental Care Leave
• Convenient location with access to public transport (Imbi Monorail/Bukit Bintang MRT)
• Special employee discounts for selected F&B Brands
Job Summary
- As the Head ofInformation Security, you will be responsible for protecting the integrity,confidentiality, and availability of our information systems, networks, andcustomer platforms across the enterprise, wholesale, and retail businesses. Thisrole will lead the company's cybersecurity strategy, governance, riskmanagement, operations, and incident response efforts in close collaborationwith the existing cybersecurity team and business units. You will formulate andimplement security strategies aligned with the company’s technology vision andenterprise risk management objectives, supporting our ambitions to growsecurely and responsibly across all segments.
Job Summary
- As the Head ofInformation Security, you will be responsible for protecting the integrity,confidentiality, and availability of our information systems, networks, andcustomer platforms across the enterprise, wholesale, and retail businesses. Thisrole will lead the company's cybersecurity strategy, governance, riskmanagement, operations, and incident response efforts in close collaborationwith the existing cybersecurity team and business units. You will formulate andimplement security strategies aligned with the company’s technology vision andenterprise risk management objectives, supporting our ambitions to growsecurely and responsibly across all segments.
- Cybersecurity Strategy & Frameworks
- Lead the development and execution of the company’s cybersecurity strategy aligned to Enterprise Risk Management (ERM), Technology Risk Management Framework (TRMF), and Cyber Resilience Framework (CRF).
- Drive cybersecurity maturity programs based on NIST Cybersecurity Framework or similar standards.
- Security Governance & Policies
- Oversee the establishment of cybersecurity policies, procedures, and standards to protect products and services across enterprise, wholesale, and retail segments.
- Ensure compliance with regulatory requirements, industry best practices, and internal governance frameworks.
- Risk Management & Security Architecture
- Assess and manage technology and cyber risks enterprise wide.
- Ensure that information security architecture and roadmaps support both business objectives and security needs.
- Define cybersecurity risk appetite, tolerance levels, and Key Risk Indicators (KRIs).
- Security Operations & Monitoring
- Oversee threat management, detection, and response operations.
- Ensure effective use of tools and practices to detect and respond to cyber threats (e.g., malware, phishing, hacking).
- Incident Management & Response
- Develop, maintain, and execute the Cyber Incident Response Plan (CIRP).
- Coordinate incident responses, forensic investigations, and recovery efforts following cyberattacks.
- Product & Technology Enablement
- Advise technology and product teams on secure-by-design principles for new initiatives including cloud adoption, AI/ML applications, and emerging technologies.
- Compliance, Audit & Reporting
- Review and monitor penetration testing, vulnerability assessments, and internal/external audits.
- Liaise with regulators, auditors, and Board Committees on cybersecurity issues and audit results.
- Ensure timely reporting of cybersecurity incidents to senior management, Group Information Security, Board Committees, and regulators.
- Stakeholder Management
- Working with MCMC and NACSA. Key to ensure we are in the loop and able to access key stakeholders.
- Key internal stakeholders would be Audit Committee for regular reporting and updates of the plan and progress
- General industry to ensure organization are respected and building a credible brand in the Information Security angle.
- Leadership & Talent Development
- Lead and mentor cybersecurity team members.
- Foster a strong cybersecurity culture across the organization.
- Drive professional and personal development of the team through coaching, training, and upskilling initiatives.
About You
- Minimum 10+ years of experience in information security management, cybersecurity operations, or related functions.
- Bachelor’s or Master’s Degree in Information Technology, Computer Science, Cybersecurity, or related fields.
- Prior leadership experience in a telecommunications or technology-driven environment, covering enterprise, wholesale, and retail businesses.
- Proven experience with cybersecurity frameworks (NIST, ISO 27001, etc.), risk management, and incident management.
- Deep knowledge of telecommunications networks, IT infrastructure, and cybersecurity technologies.
- Strong understanding of cloud security, application security, and data privacy regulations.
- Demonstrated ability to balance security needs with business enablement.
- Excellent stakeholder management, communication, and leadership skills.
- Professional certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
What’s Next ?
Once you have applied online, our team will review your application and due to a high volume of applications, only shortlisted candidates will be notified.
Network Security Engineer
Posted today
Job Viewed
Job Description
#J-18808-Ljbffr
Vice President Threat Management, Vulnerability Management & SOC
Posted 4 days ago
Job Viewed
Job Description
Were seeking a visionary cybersecurity leader to head our Threat Management, Vulnerability Management, and Security Operations Center (SOC). As Vice President, you will be at the forefront of our cyber defense strategy leading threat intelligence, vulnerability remediation, and 24x7 SOC operations to protect our systems, data, and customers. This is a high-impact role for someone who thrives in regulated environments, understands the evolving threat landscape, and can translate technical risks into business decisions.
Responsibilities:
- Lead threat intelligence programs and develop proactive defense strategies
- Oversee enterprise-wide vulnerability assessments and remediation
- Manage SOC operations, incident response, and forensic investigations
- Ensure compliance with regulatory frameworks (BNM, PCI DSS, ISO 27001, NIST, MAS TRM, GDPR)
- Engage with regulators, auditors, and executive stakeholders
- Build and mentor a high-performing cyber defense team
Requirements:
- 12-15 years of cybersecurity experience, with 5+ years in leadership
- Proven expertise in SOC, threat intelligence, and vulnerability management
- Strong grasp of cybersecurity frameworks (NIST CSF, MITRE ATT&CK, ISO 27001)
- Certifications preferred: CISSP, CISM, GIAC, CEH, OSCP, CCSP
- Experience in banking or other regulated industries is a plus
- Exceptional communication, leadership, and risk-based decision-making skills
- Be part of a forward-thinking cybersecurity team
- Influence strategic decisions at the highest level
- Work in a dynamic, innovation-driven environment
- Competitive compensation and benefits
Head of Group Cybersecurity & Information Security (SVP Grade)
Posted 4 days ago
Job Viewed
Job Description
The Enterprise Head of Group Cybersecurity & Information Security is a strategic leadership role responsible for safeguarding the banks digital assets, customer data, and infrastructure across all entities and geographies. The position ensures regulatory compliance and drives cybersecurity maturity aligned with business goals.
Responsibilities
- Develop and execute group-wide cybersecurity strategy
- Lead Information Security Committee and report to Board/ExCo
- Ensure compliance with global and local regulations (BNM, MAS, GDPR, etc.)
- Maintain cybersecurity policies and standards
- Oversee SOC, threat intelligence, incident response
- Implement resilience measures (red-teaming, crisis simulations)
- Drive advanced security technologies (AI, Zero Trust, cloud security)
- Manage Information Security Risk Register
- Collaborate with Audit and Risk for control assurance
- Ensure secure design in digital initiatives and vendor risk management
- Align cybersecurity with data governance and privacy laws
- Implement DLP, data classification, and customer data protection controls
- Lead global cybersecurity teams
- Promote security-first culture and executive engagement
- Mentor future cybersecurity leaders
Requirements:
- 3-5 Year Cybersecurity Strategy & Roadmap
- Quarterly Board/ExCo Risk Reports
- Regulatory & Standards Compliance Certifications
- Annual Incident Response & Crisis Simulation Results
- Cybersecurity Capability Maturity Improvements
- Bachelors/Masters in Cybersecurity or related field
- 15+ years in InfoSec, 5+ years in senior banking leadership
- Deep knowledge of financial regulations (BNM RMiT, MAS TRM, GDPR, etc.)
- Certified in CISSP, CISM, CISA, CRISC, CCISO, SABSA, ISO 27001 LA
- Proven board-level engagement and stakeholder management
- Strategic vision and leadership
- Regulatory and risk management expertise
- Crisis resilience and ethical integrity
- Board-level influence and multicultural team leadership
Information Security Engineering Lead (Cloud/Platform and Infrastructure)
Posted 4 days ago
Job Viewed
Job Description
bp Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia
Join or sign in to find your next jobJoin to apply for the Information Security Engineering Lead (Cloud/Platform and Infrastructure) role at bp
Information Security Engineering Lead (Cloud/Platform and Infrastructure)bp Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia
1 week ago Be among the first 25 applicants
Join to apply for the Information Security Engineering Lead (Cloud/Platform and Infrastructure) role at bp
Job Description:
Entity:
Technology
Job Family Group:
IT&S Group
Job Description:
About Us
bp is a global energy business with a purpose to reimagine energy for people and our planet. We aim to be a very different kind of energy company by 2030, helping the world reach net zero and improving people’s lives. We are committed to creating a diverse and inclusive environment where everyone can thrive. Join bp and become part of the team building our future!
You will work within the CT&E Team
This team is responsible for response and management of cyber incidents, using an intelligence-led approach for identification, mitigation, and rapid response to safeguard bp on a global scale. By applying lessons learned and data analytics, this team also establishes engineering principles and enhances the technology stack to continuously bolster bp's cybersecurity posture.
Let me tell you about the role
We are looking for a Lead Data Security Engineer to drive data protection across bp by setting standards, defining controls, and monitoring for compliance. You will lead a small team focused on developing and evolving data security policies, ensuring alignment with business needs and regulatory requirements, and identifying areas of non-compliance across cloud and on-prem environments.
This role will not directly implement controls, but rather define what “good looks like,” provide guidance to teams across bp, and monitor compliance through reporting, reviews, and collaboration.
You will play a key role in shaping bp’s data security agenda and in building a culture of data stewardship and protection.
What you will deliver
- Develop and maintain enterprise data security standards, frameworks, and control objectives, including but not limited to: Data Loss Prevention (DLP), data classification, encryption, data retention, data access governance, and monitoring.
- Partner with security architects and platform teams to ensure secure-by-default configurations and data handling practices.
- Define and maintain baselines for data protection tools and technologies across structured and unstructured data.
- Monitor compliance with security standards and policies across business units and platforms; report gaps and recommend remediation strategies.
- Establish data security metrics, KPIs, and dashboards to track compliance, maturity, and risk exposure.
- Serve as authority for Data Security, staying ahead of evolving threats, technologies, regulations (e.g., GDPR, HIPAA, CCPA), and industry standards (e.g., NIST, ISO 27001).
- Provide expert input into risk assessments, architectural reviews, and governance processes for data initiatives.
- Collaborate across engineering, compliance, privacy, and risk teams to embed data protection principles into business and technical strategies.
- Lead security reviews, identify gaps, and drive continuous improvement in data protection practices.
- Mentor and grow a team of security engineers focused on standards, data-centric threat modeling, and strategic compliance monitoring.
- 6+ years of experience in cybersecurity, with at least 3 years specifically in Data Security, including areas such as DLP, data lifecycle governance, privacy engineering, or data classification and handling.
- Solid background in setting and managing enterprise-wide security standards and frameworks.
- Experience with DLP tools (e.g., Microsoft Purview), data security monitoring platforms, and data access governance solutions.
- Deep understanding of the data lifecycle (create, store, use, share, archive, delete) and associated security risks and controls.
- Familiarity with cloud-native data services and how to apply data security controls across AWS, Azure, and hybrid environments.
- Ability to read and write code/scripts to support automation or compliance tooling (e.g., Python, PowerShell, JSON/YAML for IaC).
- Strong collaboration and stakeholder engagement skills, especially with product, data, compliance, and infrastructure teams.
- Passion for mentorship and fostering a culture of continuous improvement and shared accountability.
At bp, we provide an excellent working environment and employee benefits such as an open and inclusive culture, a great work-life balance, tremendous learning and development opportunities to craft your career path, life and health insurance, medical care package and many others.
We support our people to learn and grow in a diverse and challenging environment. We believe that our team is strengthened by diversity. We are committed to crafting an inclusive environment in which everyone is respected and treated fairly.
There are many aspects of our employees’ lives that are meaningful, so we offer benefits to enable your work to fit with your life. These benefits can include flexible working options, collaboration spaces in a modern office environment, and many others benefits.
Reinvent your career as you help our business meet the challenges of the future.
Apply now!
Travel Requirement
Negligible travel should be expected with this role
Relocation Assistance:
This role is not eligible for relocation
Remote Type:
This position is a hybrid of office/remote working
Skills:
Legal Disclaimer:
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp’s recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us.
If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks. Seniority level
- Seniority level Mid-Senior level
- Employment type Full-time
- Job function Information Technology
- Industries Oil and Gas
Referrals increase your chances of interviewing at bp by 2x
Get notified about new Information Security Specialist jobs in Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia .
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago
Petaling Jaya, Selangor, Malaysia 4 hours ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 4 months ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 6 months ago
Petaling Jaya, Selangor, Malaysia 5 days ago
Federal Territory of Kuala Lumpur, Malaysia 1 week ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago
Intern, Identity Access Management (IAM) - IT SecurityFederal Territory of Kuala Lumpur, Malaysia 1 week ago
Wilayah Persekutuan Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago
Security Operations Center Analyst (SOC Analyst)WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 3 weeks ago
Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 5 days ago
Internship - Network & Information Security EngineerKuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 6 months ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 6 months ago
Federal Territory of Kuala Lumpur, Malaysia 2 days ago
WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 5 days ago
Senior Information Security Specialist (Supplier Security)Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago
Federal Territory of Kuala Lumpur, Malaysia 2 days ago
Federal Territory of Kuala Lumpur, Malaysia 1 week ago
WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 month ago
Federal Territory of Kuala Lumpur, Malaysia 2 days ago
Petaling Jaya, Selangor, Malaysia 7 hours ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 3 months ago
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-LjbffrCloud Security Engineer
Posted 4 days ago
Job Viewed
Job Description
Join to apply for the Cloud Security Engineer role at The Access Group
1 day ago Be among the first 25 applicants
Join to apply for the Cloud Security Engineer role at The Access Group
Direct message the job poster from The Access Group
We're looking for people to join the Access family, who share our passion for believing in better, and who will help us continue to grow.
Love Work. Love Life. Be You. - is central to our success and how we give our customers the freedom to do more of what's important to them.
What does Access offer you?
We offer a flexible, hybrid working environment where you can balance work and life while maintaining a strong office team-based culture. We deliver on what we say, taking the development of our people seriously. We'll work with you to progress your success plan and provide opportunities to accelerate your career. On top of a competitive salary, our wellbeing days taking you to 25 days leave a year and a health contribution, you'll also be able to choose from a range of benefits to suit you. We're an organisation that likes to give back, so you'll also have three charity days allocated to support a cause that matters to you.
Position Overview:
We are seeking an experienced Cloud Security Engineer to lead our cloud infrastructure security initiatives as part of our Infrastructure Vulnerability Management program. This role focuses on securing our cloud infrastructure and ensuring robust security posture across multi-cloud environments, with specific emphasis on identifying, assessing, and managing security vulnerabilities and misconfigurations across Azure (primary), AWS, and Google Cloud Platform environments.
As a Cloud Security Engineer, you will serve as the primary technical expert for cloud security vulnerability management, working closely with DevOps, cloud architects, and development teams to secure our cloud-native infrastructure, reduce cloud-specific attack surfaces, and integrate security throughout the cloud development lifecycle.
Key Responsibilities:
Cloud Security Architecture & Posture Management
- Design and implement security controls for cloud infrastructure across Azure, AWS, and GCP environments
- Implement, configure, and manage Cloud Security Posture Management (CSPM) tools across all cloud platforms
- Deploy and maintain cloud vulnerability scanning solutions including Prisma Cloud, and native cloud security services
- Continuously monitor cloud infrastructure for security misconfigurations, and compliance violations
- Develop and maintain cloud security baselines and configuration standards
- Assess cloud-native services, serverless functions, and container environments for security vulnerabilities
- Manage comprehensive vulnerability scanning and remediation for cloud infrastructure, ensuring asset coverage and timely patching
- Conduct comprehensive security assessments across multi-cloud environments and hybrid infrastructure
- Perform vulnerability scanning of cloud workloads, virtual machines, containers, and cloud-native applications
- Analyze cloud security findings and validate vulnerabilities specific to cloud environments
- Monitor and assess Infrastructure as Code (IaC) templates for security misconfigurations before deployment
- Track and prioritize cloud infrastructure vulnerabilities based on risk and business impact
- Integrate cloud security tools into CI/CD pipelines and support container security initiatives
- Implement security scanning integration into CI/CD pipelines and DevOps workflows
- Develop and maintain Infrastructure as Code (IaC) security templates and automated security policy enforcement
- Develop automation scripts for cloud security monitoring, alerting, and remediation workflows
- Collaborate with DevOps teams to implement "shift-left" security practices in cloud deployments
- Create and maintain cloud security automation using tools like Terraform, CloudFormation, ARM templates
- Implement cloud security orchestration and automated response capabilities
- Ensure compliance with cloud security frameworks including CIS Benchmarks, AWS Well-Architected Framework, Azure Security Benchmark, and GCP Security Command Center recommendations
- Conduct cloud security assessments for regulatory compliance in cloud environments
- Create and maintain risk documentation for cloud security exceptions and accepted risks
- Create and maintain cloud security policies, standards, and procedures aligned with NIST CSF 2.0
- Partner with cloud engineering, DevOps, and development teams to coordinate cloud security remediation
- Provide technical guidance on cloud security best practices and remediation approaches
- Track cloud security remediation progress and ensure issues are addressed within established SLAs
- Participate in cloud security incident response and forensic investigations
- Support incident response for cloud security events and breaches
- Maintain cloud security remediation tracking and reporting dashboards
Education & Experience
- Bachelor's degree in Cybersecurity, Cloud Computing, Information Technology, or related field
- 2-3 years of hands-on experience in cloud security, cloud infrastructure, or related cybersecurity roles
- 1 year of experience with cloud vulnerability management and CSPM tools
- Strong experience with Azure
- Experience managing security across major cloud platforms in enterprise environments
- Proficiency with Cloud Security Posture Management (CSPM) platform: Prisma Cloud or similar solutions
- Strong experience with native cloud security services: AWS Security Hub/Config, Azure Security Center/Defender, GCP Security Command Center
- Proficiency with cloud vulnerability scanning and cloud workload protection platforms
- Working knowledge of container security tools and Kubernetes security scanning
- Understanding of cloud compliance frameworks and automated compliance monitoring
- Advanced knowledge of major cloud platforms: AWS, Microsoft Azure, Google Cloud Platform
- Infrastructure as Code expertise: Terraform, CloudFormation, ARM templates
- Container and orchestration experience: Docker, Kubernetes, or similar
- Scripting and automation: Python, PowerShell, Bash, YAML for cloud security automation
- CI/CD integration: Jenkins, GitLab CI, Azure DevOps, GitHub Actions for security pipeline integration
- Cloud networking: VPCs, security groups, network ACLs, cloud firewalls, and micro-segmentation
- Understanding of network security in cloud environments and container technologies
- Experience with DevSecOps practices and security integration in cloud-native development
- Knowledge of secure coding practices for cloud applications and microservices
- Understanding of API security and cloud service authentication mechanisms
- Familiarity with cloud-native application architectures and serverless security considerations
- Knowledge of cloud security frameworks: CIS Cloud Benchmarks, NIST Cloud Computing Framework, Cloud Controls Matrix
- Understanding of shared responsibility models across different cloud providers
- Familiarity with cloud compliance programs: SOC 2, ISO 27001, PCI-DSS, FedRAMP
- Familiarity with data protection regulations in cloud environments: GDPR, CCPA, HIPAA
- Achieve 99%+ asset coverage and scanning coverage across all cloud environments
- Successfully integrate security scanning into >90% of cloud deployment pipelines
- Minimize critical cloud vulnerability exposure time to <24 hours
- Track cloud security remediation progress and ensure SLA compliance
- Respond to cloud security incidents within 30 minutes of detection
- Automate 80%+ of routine security configuration and compliance checks
- Reduce cloud security incidents through proactive vulnerability management
- Successfully integrate security controls into development workflows
- Achieve high adoption rates of cloud security tools and practices across teams
The Access Group is one of the largest UK-headquartered providers of business management software to small and mid-sized organisations in the UK, Ireland, USA and Asia Pacific. It helps more than100,000 customers across commercial and non-profit sectors become more productive and efficient. Our products and solutions go beyond providing technology, we connect the right people with the right data, at the right time, through Access Workspace.
At Access, we are committed to creating a welcoming and inclusive environment where everyone can thrive. If you're excited about this role, (even if your previous experience doesn't align perfectly), you might just be the perfect fit for us! We wholeheartedly believe in equality for all and the transformative power of diversity. Why not join our vibrant team where you can love what you do, love how you live, and most importantly, be authentically you? Let's make a difference together.
Love Work. Love Life. Be You.
Seniority level
- Seniority level Mid-Senior level
- Employment type Full-time
- Job function Information Technology
- Industries Technology, Information and Media
Referrals increase your chances of interviewing at The Access Group by 2x
Get notified about new Security Engineer jobs in Greater Kuala Lumpur .
Kota Damansara, Selangor, Malaysia 3 weeks ago
Petaling Jaya, Selangor, Malaysia 6 months ago
Kota Damansara, Selangor, Malaysia 1 week ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 3 weeks ago
WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 6 months ago
Kota Damansara, Selangor, Malaysia 3 weeks ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 8 months ago
Petaling Jaya, Selangor, Malaysia 5 days ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 day ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago
Petaling Jaya, Selangor, Malaysia 2 hours ago
Security Operations Center Analyst (SOC Analyst)WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 3 weeks ago
Petaling Jaya, Selangor, Malaysia 6 months ago
Security Engineer, Vulnerability ManagementPetaling Jaya, Selangor, Malaysia 2 months ago
WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 4 weeks ago
Petaling Jaya, Selangor, Malaysia 1 month ago
WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago
Internship - Network & Information Security EngineerKuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 6 months ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago
Lead Cloud Security Engineer / Operations I IT Security, MSS, Group Technology & DigitalWP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago
Cloud Security Engineer/Operations I IT Security, MSS, Group Technology & DigitalWP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago
Internship-Technical Cloud/Security Support EngineerWP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 3 weeks ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 6 months ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 month ago
Senior Cloud Security Engineer/Operations I IT Security, MSS, Group Technology & DigitalWP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-LjbffrSenior Security Penetration Tester
Posted 7 days ago
Job Viewed
Job Description
Join to apply for the Senior Security Penetration Tester role at BAE Systems Digital Intelligence
3 days ago Be among the first 25 applicants
Join to apply for the Senior Security Penetration Tester role at BAE Systems Digital Intelligence
Location(s): Asia-Pacific & Middle East : Malaysia : Kuala Lumpur
BAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the most demanding environments.
About Us
Our mission at BAE Systems Digital Intelligence is to collect, connect and understand complex data, so that our customers can unlock digital advantage in the most demanding environments.
At our Malaysian Global Delivery Centre, we work with clients from around the world to deliver cyber technical services to support our customers in keeping their systems secure in today’s hostile digital world.
As a Senior Penetration Tester, you will perform comprehensive penetration testing assessments across a wide range of sectors and produce comprehensive written reports to meet high industry standards. Beyond the testing itself, you will be involved in client pre-engagement processes, contributing to scoping tasks and drafting proposals.
This position is part of our global Cyber Technical Services team, which includes adjacent areas such as Threat Intelligence and SOC Consulting.
Your Role Will Involve
- Delivery of end-to-end security testing engagements, including scoping and client wash-up meetings.
- Performing a wide range of security testing types such as web application, infrastructure and objective based/red teaming.
- Production of detailed reporting and presentations for both technical and non-technical stakeholders.
- Safe and responsible use of testing tools, ensuring controls are in place to limit risks during customer engagements.
- Developing improvements in terms of scripts, tools, or techniques to enhance the Security Testing team's capabilities.
- Maintaining an up-to-date knowledge of information security issues, continuously learning about new technologies, methodologies, and techniques.
- Knowledge sharing with colleagues in other teams, such as Threat Intelligence, Incident Response, and the wider Security Consulting community.
- Assist and support team members in troubleshooting complex technical issues, reviewing vulnerability findings, and validating penetration test results to uphold high standards of accuracy, consistency, and reporting quality.
- We are looking for those with a passion for cybersecurity. Those who contribute to cybersecurity related blogs, engage in vulnerability research/bug bounties or other community related events will be looked at favourably
- Experience in common offensive penetration testing domains such as testing of web applications, infrastructure and red teaming. Experience with wireless and mobile testing also an advantage.
- Evidenced skills through industry recognised certifications such OSCP, CREST or CRTO
- Confident communicator with excellent spoken and written English communication skills
- Experience using common industry tools such as Kali Linux, Nessus & Burpsuite
- Knowledge of C2 frameworks such as Cobalt Strike
- Threat hunting or compromised assessment experience
- You’ll have a dedicated line Manager to help you develop your career and guide you on your journey through BAE Systems Digital Intelligence
- We will support your personal training and development in the areas of cybersecurity by sponsoring training courses and certification exams (i.e OSCP, CREST, CRTO)
- Work-life balance is important; you’ll get 18 days holiday a year (increases to 21 after 5 years’ service)
- We support hybrid working and give flexibility for teams to decide on the balance between remote and office-based working
- Our benefits package includes private family medical cover, maternity (4 months), paternity (2 weeks), study leave & a Optical/Dental/Health screening allowance
- You’ll be part of our annual bonus and share award scheme
We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day.
By embracing technology, we can interact, collaborate and create together, even when we’re working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance well-being.
Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds – the best and brightest minds – can work together to achieve excellence and realise individual and organisational potential. Seniority level
- Seniority level Mid-Senior level
- Employment type Full-time
- Job function Information Technology
- Industries IT Services and IT Consulting
Referrals increase your chances of interviewing at BAE Systems Digital Intelligence by 2x
Sign in to set job alerts for “Penetration Tester” roles.Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 day ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 8 months ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 6 months ago
Cyber Security Engineer (Penetration Tester)Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 4 weeks ago
Petaling Jaya, Selangor, Malaysia 6 days ago
Petaling Jaya, Selangor, Malaysia 6 months ago
Petaling Jaya, Selangor, Malaysia 1 month ago
Petaling Jaya, Selangor, Malaysia 1 month ago
Internship - Network & Information Security EngineerKuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 6 months ago
Petaling Jaya, Selangor, Malaysia 3 days ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago
Petaling Jaya, Selangor, Malaysia 6 months ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 month ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 day ago
Petaling Jaya, Selangor, Malaysia 2 days ago
Security Operations Center Analyst (SOC Analyst)WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 4 hours ago
WP. Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 days ago
Federal Territory of Kuala Lumpur, Malaysia 2 weeks ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 2 months ago
Wilayah Persekutuan Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 day ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 6 months ago
Petaling Jaya, Selangor, Malaysia 6 months ago
Federal Territory of Kuala Lumpur, Malaysia 1 day ago
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-LjbffrBe The First To Know
About the latest Information security Jobs in Malaysia !
Senior Security Project Engineer
Posted 7 days ago
Job Viewed
Job Description
Logicalis is an international solution provider offering digital enablement services to help customers harness technology for business outcomes.
Our clients span industries such as financial services, TMT, Education, Healthcare, Retail, Government, Manufacturing, and Professional services. We focus on modernising digital pillars like Data centres, Cloud services, Security, Network Infrastructure, Workspace communications, Data strategies, and IT operations.
Logicalis Group has over $1.7 billion in annual revenue, operating across Europe, North America, Latin America, Asia Pacific, and Africa. It is part of Datatec Limited, listed on the Johannesburg Stock Exchange, with revenues exceeding $4 billion.
As we grow, our people are our key differentiator. Developing and retaining talent is a priority. We encourage you to watch this short employee video for insights.
Job Summary:
We seek a Senior Security Project Engineer for our Professional Services Team, focusing on Security Projects involving NAC, Firewall, PS, and MFA solutions. Hands-on experience with these solutions is essential. The role offers significant learning opportunities in advanced security technologies.
Accountabilities:
- Create detailed low-level design documents for project delivery, outlining scope and technology details.
- Participate in meetings with internal teams and clients to develop the LLD.
- Possess in-depth technical knowledge and experience with Cisco ISE and HPE Aruba ClearPass NAC solutions.
- Prepare and execute User Acceptance Testing (UAT) according to documentation.
- Understand Windows Active Directory and its integration with NAC solutions.
- Deliver Firewall migrations and optimize Firewall/IPS policies.
- Implement MFA solutions tailored to specific use cases.
- Review Technical Design Specifications for security projects.
- Contribute to internal knowledge sharing of technical findings.
The Individual and their Experience:
- Mandatory experience with Cisco ISE and HPE Aruba ClearPass NAC solutions.
- Experience with firewall migration across multiple vendors like Cisco ASA/FTD, Palo Alto, Fortigate, Checkpoint.
- Hands-on experience with Cisco FirePower NGIPS.
- Basic networking knowledge, including routing and switching protocols.
- Ability to manage medium to large projects to meet deadlines.
- Strong customer relationship skills.
- Team-oriented, sharing knowledge and experience.
- Quick learner, adaptable to new skills with appropriate training.
By applying, you agree to our data privacy notice: DP Notice .
#J-18808-LjbffrSenior Security Engineer, Threat Hunting
Posted 9 days ago
Job Viewed
Job Description
About Grab and Our Workplace
Grab is Southeast Asia's leading superapp. From getting your favourite meals delivered to helping you manage your finances and getting around town hassle-free, we've got your back with everything. In Grab, purpose gives us joy and habits build excellence, while harnessing the power of Technology and AI to deliver the mission of driving Southeast Asia forward by economically empowering everyone, with heart, hunger, honour, and humility.
Get to know the team
Grab's Security Engineering Team – When you're an engineer at Grab, you are part of the heart and soul of the company. You will be reporting to Software Engineering Manager II. Our passion is anchored in the work that we do, and this is reflected in the impact we make on millions of lives on a daily basis. We are empowered by creating amazing services and tools that serve millions of passengers, driving partners, and fellow Grabbers.
Get to know the role
We are looking for a Senior Backend Engineer to take charge of the Security Engineering initiatives. This role is required because we are expanding our regional security engineering capabilities. In return, you will work with and build a great team working on complex architectures and contributing to the security engineering of one of the largest cloud deployments in the region.
You will help lead, designing, developing, and scaling solutions for proactive safeguards and sane defaults for platforms, container security, threat detection, automated incident response, and security monitoring across Grab's ecosystem.
This role is onsite in our Petaling Jaya, Malaysia office.
The Critical Tasks You Will Perform
- You will design, implement, and maintain secure, accurate and reliable security platforms.
- You will partner with production engineering management to promote and ensure adoption of security standards and improve security gaps.
- You will contribute to the building, operating and maintaining of the security infrastructure and services to improve Grab prevent, detect and response capabilities.
- You will lead a sub-discipline (cloud security, security operations, devsecops, security automation, and security architecture) within the Security Engineering team.
- You will oversee and ensure that internal and external SLA's meet and Security Engineering-centric goals are monitored and improved.
- You will create tools for automating deployment, monitoring and operations of the security platform.
- You will participate in on-call rotation to provide infrastructure support, incident management, and troubleshooting.
What Essential Skills You Will Need
- You have 4+ years of experience as a software engineer, writing production code.
- You have proficiency in security scripting and automation (Comfortable to code in at least one high-level programming language - JavaScript, Java, Golang, Python, PowerShell, Bash)
- You have experience designing, developing, and implementing large-scale, available online services.
- You have solid Computer Science fundamentals in algorithms and data structures.
Life at Grab
We care about your well-being at Grab, here are some of the global benefits we offer:
- We have your back with Term Life Insurance and comprehensive Medical Insurance.
- With GrabFlex, create a benefits package that suits your needs and aspirations.
- Celebrate moments that matter in life with loved ones through Parental and Birthday leave , and give back to your communities through Love-all-Serve-all (LASA) volunteering leave
- We have a confidential Grabber Assistance Programme to guide and uplift you and your loved ones through life's challenges.
- Balancing personal commitments and life's demands are made easier with our FlexWork arrangements such as differentiated hours
What We Stand For At Grab
We are committed to building an inclusive and equitable workplace that provides equal opportunity for Grabbers to grow and perform at their best. We consider all candidates fairly and equally regardless of nationality, ethnicity, race, religion, age, gender, family commitments, physical and mental impairments or disabilities, and other attributes that make them unique.
#J-18808-LjbffrAssociate Director, Application Security
Posted 9 days ago
Job Viewed
Job Description
The incumbent will be managing 9 team members and responsible for defining and overseeing the organization’s application security architecture, ensuring alignment with target architectures and modern development practices.
Strategic Oversight of Security Architecture
- Define, design, and implement the target application security architecture in line with organizational goals and industry/regulatory standards.
- Establish a comprehensive application security strategy, ensuring seamless integration into enterprise architecture and technology roadmaps.
- Conduct architectural reviews to identify risks and recommend mitigation strategies, focusing on secure and scalable solutions.
- Lead the integration of security controls into CI/CD pipelines, ensuring automated detection and remediation of vulnerabilities.
Secure Software Development Lifecycle (SDLC)
- Develop and enforce secure development guidelines, ensuring security is incorporated at every stage of the SDLC.
- Provide leadership in threat modelling, secure coding practices, and software code quality management across development teams.
- Work with application teams to prioritize security requirements, balancing business objectives with technical risks.
Vulnerability Management and Mitigation
- Oversee the overall strategy for SAST, DAST, to identifying and remediating vulnerabilities.
- Ensure timely resolution of identified issues, coordinating efforts across development, QA, and DevOps teams.
- Maintain and communicate detailed metrics and dashboards on the security posture of applications and pipelines.
Cross-Functional Collaboration
- Partner with application teams to align security architecture with business needs and project timelines.
- Act as the primary liaison between technical teams and executive leadership, effectively conveying security risks and architectural priorities.
Education and Certifications:
- Bachelor’s degree in computer science, Information Security, or a related field. A Master’s degree is desired.
- Relevant certifications such as CISSP, CSSLP, CEH, OSCP or CREST
Professional Experience:
- At least 15 years of experience in cybersecurity, with a focus on application security, security architecture, and secure development practices.
- Proven expertise in designing and implementing security controls within CI/CD pipelines in Agile and DevOps environments.
- Demonstrated success in defining and overseeing secure application architectures for cloud-native and hybrid environments.
- Deep understanding of secure software development lifecycle (SDLC) methodologies and best practices.
- A team-player with systematic problem-solving approach and have sense of ownership and drive.
- Must have strong people skill to lead a team effectively and demonstrable experience of working at the most senior levels of large and complex organizations.
- Excellent interpersonal skills and stakeholders' management.
- Always have customer in mind when dealing with any situations/projects/deliverables.
- Interprets customer needs, assesses requirements and identifies solutions to non-standard requests.
- Able to negotiate with, influence and engage others in complex and conflicting situations across multiple parties to drive a positive outcome.
- Good communication skills and the communication network of the incumbent is expected to be internally within the enterprise (80%) and external with Vendors and Service Providers (20%).
- Seniority level Director
- Employment type Full-time
- Job function Information Technology
- Industries IT Services and IT Consulting
Referrals increase your chances of interviewing at AIA Digital+ by 2x
Get notified about new Director of Application Security jobs in Greater Kuala Lumpur .
Expression of Interest - Cyber Security ManagerKuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago
Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia 1 week ago
Senior Application Operations Engineer - PuneWe’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr