73 Junior Security Consultant jobs in Malaysia

At EY, we’re committed to shaping your future with confidence.

We’ll support your success in a globally connected powerhouse of diverse teams, helping you advance your career in the direction you desire.

Join EY and contribute to building a better working world.

The Opportunity

At EY, we are expanding our market-leading cyber security services to meet increasing client demand. We are seeking highly motivated Senior Associates and Managers to join our team, lead critical client engagements, and help drive our growth strategy. This is a chance to make a significant impact by delivering cutting-edge solutions, developing our people, and shaping the future of our practice.

Your Key Responsibilities

As a Senior Associate/Manager, you will be responsible for leading the delivery of cyber security engagements and managing client relationships. You will work closely with Partners and Directors to define solutions, oversee project execution, and develop new opportunities in the market.

You will have responsibility for:

• Leading end-to-end delivery of a portfolio of cyber security engagements, ensuring high-quality output and client satisfaction.
• Building and maintaining trusted client relationships, acting as a strategic advisor to senior stakeholders.
• Developing engagement plans, budgets, and resourcing, while managing project risks and issues.
• Guiding and reviewing the work of engagement teams, providing coaching and constructive feedback.
• Driving business development initiatives – including proposal development, presentations, and thought leadership.
• Contributing to practice growth by identifying market trends, developing new service offerings, and building internal capabilities.

You will be responsible for delivering one or more of the following areas:

• Cybersecurity Management programs – governance, risk and compliance, security architecture, and technology/process controls.
• Threat & Vulnerability Management – risk assessments, penetration testing, threat modeling, and vulnerability management.
• Incident Detection & Response – developing SOC strategies, incident response playbooks, and crisis management.
• Data Protection & Privacy – GDPR/PDPA compliance, data governance, and privacy-enhancing technologies.
• Identity & Access Management – IAM strategy, access governance, and privileged access solutions.
• Business Continuity & Disaster Recovery – planning, implementation, and maturity assessments.

Skills and Attributes for Success

• Strong leadership skills with the ability to inspire, mentor, and develop teams.
• Proven ability to manage multiple engagements and stakeholders simultaneously.
• Strong business acumen and the ability to translate cyber risk into business impact.
• Excellent communication and presentation skills with the ability to influence senior stakeholders.
• A collaborative, innovative, and solutions-driven mindset.

To Qualify for the Role You Must Have:

• A bachelor’s degree in computer science, information security, engineering, or a related field.
• Minimum 3 years of relevant work experience, with at least 1 year in a managerial role in cyber security, risk management, or technology consulting.
• Demonstrated experience leading client engagements and delivering complex security solutions.
• Related professional certifications such as CISSP, OSCP, CEH, CISM, CISA, or equivalent.

Ideally, You’ll Also Have:

• Experience in project/program management (PMP, PRINCE2, Agile, or equivalent).
• Proven experience in business development, proposals, and client relationship management.
• Experience supervising and coaching junior team members and building high-performing teams.
• Strong problem-solving and critical thinking skills.
• Demonstrated integrity and commitment to excellence within a professional environment.

What We Offer You

At EY, we’ll develop you with future-focused skills and equip you with world-class experiences.

We’ll empower you in a flexible environment and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams.

EY is an equal opportunities employer and welcomes applications from all qualified candidates. We are committed to building a diverse and inclusive workplace and encourage applications from diverse candidates.

EY Federal Territory of Kuala Lumpur, Malaysia

Cybersecurity is no longer just an IT issue—it's a business imperative. At EY, we help organizations protect their assets, minimize disruption, and build resilience as they embrace digital transformation.

We're expanding our market-leading cybersecurity team and looking for passionate professionals to join us as Senior Associates . If you're ready to lead impactful engagements, work with cutting-edge technologies, and help clients navigate complex security challenges, this is your chance.

What you'll do:

• Lead cybersecurity projects and deliver high-quality solutions
• Assess risks, perform penetration testing, and implement security programs
• Support clients in areas like data protection, threat management, and incident response
• Collaborate with global teams and contribute to business development

What we're looking for:

• 1+ year of experience in cybersecurity or IT consulting
• Strong analytical, communication, and project management skills
• Professional certifications (CISSP, OSCP, CEH, CISM, etc.) are a plus
• A team player who thrives in a fast-paced, innovative environment

We are an equal opportunities employer and are committed to creating an inclusive environment for all employees.

Overview

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia

• Minimum of three years experience in SAP Authorizations with at least 1-2 full SAP implementation cycles.


• Experience in implementing and maintaining these applications, in regards to application authorizations.


• Good understanding of the Industry's Best Practice and SAP Audit Guidelines.


• Must have knowledge of SAP Enterprise Portal (EP) and is able to setup EP roles.


• Good team player, responsible and conscientious.


• Preferably to have SAP Certification in User Administrations/Authorizations.


• Ability to design, develop and articulate solutions based on strategic business or technical requirements.


• Ability to work independently and efficiently, managing timelines and expectations, and producing high-quality deliverables (documentation, presentation, research).


• Expertise in implementing and maintaining authorizations/security solutions for SAP systems (e.g. ERP, EP, BW, HANA, GRC) for at least 6 years full-time (incl. minimum four years experience in SAP Authorizations);


• Good understanding of Industry's Best Practices and SAP Audit Guidelines;


• Enhanced knowledge of automated data protection controls


• Knowledge of the newest security developments, trends, and tools;


• Proven track record of IT projects where working in a key technology role (i.e. subject matter expert, solution architect, tech lead);


• Good leadership and project management skills, professional and team-oriented approach to work, a strong sense of responsibility, ability to distribute tasks, assess and manage risks, define and control performance metrics;


• Has analytical and process thinking skills can provide Business Analysis, properly estimate tasks and propose solution architecture,


• Demonstrates strong communication, collaboration, coaching and interpersonal skills, teaches and enables other team members;

Position Description

This role is responsible to manage information risk, to ensure compliance of Security Standards practised by the services/organization and to provide security support on application, projects and to prevent the unintentional, unlawful, or unauthorized disclosure, alteration, or destruction of IT resources.

Your future duties and responsibilities

• Responsible to manage operational IT Security for a high availability financial service and work on the reporting & improvement as well as facilitate in audits and trainings.
• To drive Analysis & handling of security vulnerabilities & incidents.
• Establish, maintain and review compliance with Operational Security processes and procedures periodically and to ensure these are met and monitored.
• Establish, maintain and review strict access control to information and IT systems according to business needs and access policies.
• Perform Access Management activities (grant, change and revoke access privileges).
• Establish and maintain an environment that complies with the Payment Card Industry Standards & Requirements, the Information Security Management Framework and other applicable security standards and Baselines.
• Monitor and manage security controls (system settings, logs, alerts, audit trails, attempts, violations, faulty logons, lockouts, etc.)
• To work closely with clients/ application/ infrastructure owners in applying and implementing the new security changes/solutions (e.g, protection concept, security specifications, architecture and design, security assessment).
• Exposure and to work on Security Operation Center (SOC) Tools, maintenance and operations support.

Preferred Skills
Required qualifications to be successful in this role

• Knowledge/ Exposure on Baseline controls a.k.a environmental controls, application generic control, Third Party Access controls and Legal and Regulatory controls
• Understanding and exposure working with External auditors on ISAE 3402, PCI-DSS compliance and other mandatory standards, health and safety, ISO/IEC 27001:2005, 27002:2005 and 27005:2008
• Maintaining mandatory standards, health and safety, ISO/IEC 27001:2005, 27002:2005 and 27005:2008
• Self-starter who can work autonomously and independently and willing to learn and explore compliance and IT security.
• Good written and verbal communications, and ability to productively interact across internal/external stakeholders, auditors and functions.
• Broad understanding of security technology, IT security Standards and compliance.

QUALIFICATIONS:

• You have a university degree, followed by depth experience in the field of Governance or Compliance with focus on IT security.
• Overall 8-10 years working experience in IT industry with at least 5 years' experience in IT Security & Compliance.
• Self-motivated and able to work independently as well as a team player.
• Good to have:
• Cards and Payment domain knowledge, Exposure or understanding on PCI DSS, PCI PA-DSS, Security Industry standards, IT Security and Assurance, TIA Knowledge/ practice, Infrastructure Security Knowledge/ Practice, Multiple OS and AD Knowledge practice and SIEM Knowledge / Practice.
• Experience in an IT operations-related field such as IT Security, IT Admin, Disaster Recovery or Maintenance of SOC tools.

Together, as owners, let's turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you'll reach your full potential because…

You are invited to be an owner from day 1 as we work together to bring our Dream to life. That's why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company's strategy and direction.

Your work creates value. You'll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.

You'll shape your career by joining a company built to grow and last. You'll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

Come join our team—one of the largest IT and business consulting services firms in the world.

JOB RESPONSIBILITIES:

• Identify customers' needs and wants.
• Actively seek new sales opportunities through calls, email, networking, and social media.
• Prepare proposals and provide advice on potential solutions based on identified needs.
• Create and maintain client databases and mail lists.
• Develop new business and customers, and support marketing programs.

REMUNERATION PACKAGE:

• Basic Salary + Allowance + Attractive Commissions & Incentives (Min additional RM4000 to RM1000 per month)
• Annual Overseas company trip
• Quarterly company team building & outings.
• Car Allowance, Company Laptop, and Company HP are provided.
• Other benefits include medical coverage, EPF, SOCSO, and insurance.

REQUIREMENTS:

• Diploma & Degree Holder.
• Minimum 2 years experiences in Sales OR within IT/Telecommunication industry.
• Possess own transport and be prepared to go on adventures.
• Does not give up easily.
• Amazing communication skills and speak confidently.
• Excellent listener and eager learner.

Job Purpose

This role is responsible to manage information risk, to ensure compliance of Security Standards practised by the services/organization and to provide security support on application, projects and to prevent the unintentional, unlawful, or unauthorized disclosure, alteration, or destruction of IT resources.

KEY RESPONSIBILITIES:

• Responsible to manage operational IT Security for a high availability financial service and work on the reporting & improvement as well as facilitate in audits and trainings.

• To drive Analysis & handling of security vulnerabilities & incidents.

• Establish, maintain and review compliance with Operational Security processes and procedures periodically and to ensure these are met and monitored.

• Establish, maintain and review strict access control to information and IT systems according to business needs and access policies.

• Perform Access Management activities (grant, change and revoke access privileges).

• Establish and maintain an environment that complies with the Payment Card Industry Standards & Requirements, the Information Security Management Framework and other applicable security standards and Baselines.

• Monitor and manage security controls (system settings, logs, alerts, audit trails, attempts, violations, faulty logons, lockouts, etc.)

• To work closely with clients/ application/ infrastructure owners in applying and implementing the new security changes/solutions (e.g, protection concept, security specifications, architecture and design, security assessment).

• Exposure and to work on Security Operation Center (SOC) Tools, maintenance and operations support.

Preferred Skills

·    Knowledge/ Exposure on Baseline controls a.k.a environmental controls, application generic control, Third Party Access controls and Legal and Regulatory controls

·    Understanding and exposure working with External auditors on ISAE 3402, PCI-DSS compliance and other mandatory standards, health and safety, ISO/IEC 27001:2005, 27002:2005 and 27005:2008

·    Maintaining mandatory standards, health and safety, ISO/IEC 27001:2005, 27002:2005 and 27005:2008

·    Self-starter who can work autonomously and independently and willing to learn and explore compliance and IT security.

·    Good written and verbal communications, and ability to productively interact across internal/external stakeholders, auditors and functions.

·    Broad understanding of security technology, IT security Standards and compliance.

QUALIFICATIONS:

• You have a university degree, followed by depth experience in the field of Governance or Compliance with focus on IT security.
• Overall 8-10 years working experience in IT industry with at least 5 years' experience in IT Security & Compliance.
• Self-motivated and able to work independently as well as a team player.
• Good to have:

Cards and Payment domain knowledge, Exposure or understanding on PCI DSS, PCI PA-DSS, Security Industry standards, IT Security and Assurance, TIA Knowledge/ practice, Infrastructure Security Knowledge/ Practice, Multiple OS and AD Knowledge practice and SIEM Knowledge / Practice.

Experience in an IT operations-related field such as IT Security, IT Admin, Disaster Recovery or Maintenance of SOC tools.

JOB RESPONSIBILITIES:

• Identify customers' needs and wants.
• Actively seek new sales opportunities through calls, email, networking, and social media.
• Prepare proposals and provide advice on potential solutions based on identified needs.
• Create and maintain client databases and mail lists.
• Develop new business and customers, and support marketing programs.

REMUNERATION PACKAGE:

• Basic Salary + Allowance + Attractive Commissions & Incentives (Min additional RM4000 to RM1000 per month)
• Annual Overseas company trip
• Quarterly company team building & outings.
• Car Allowance, Company Laptop, and Company HP are provided.
• Other benefits include medical coverage, EPF, SOCSO, and insurance.

REQUIREMENTS:

• Diploma & Degree Holder.
• Minimum 2 years experiences in Sales OR within IT/Telecommunication industry.
• Possess own transport and be prepared to go on adventures.
• Does not give up easily.
• Amazing communication skills and speak confidently.
• Excellent listener and eager learner.

Job Types: Full-time, Permanent

Pay: RM3, RM5,000.00 per month

Benefits:

• Opportunities for promotion
• Professional development

Education:

• Diploma/Advanced Diploma (Preferred)

Experience:

• Sales: 2 years (Required)

Work Location: In person

Job Summary:

1. Perform security risk and controls assessments, gap analyses, and compliance readiness engagements
2. Conduct penetration testing, vulnerability assessments, and report actionable remediation
3. Develop and implement security frameworks based on ISO 27001, NIST CSF, and RMiT for clients
4. Design and deliver compliance dashboards to support CXOs and audit committees
5. Lead ISMS certification programs for clients, from initiation through audit closure
6. Provide technical and compliance advisory during Managed SOC onboarding and client SOC integration
7. Support the design and implementation of AI-enabled security use cases (XDR, IAM, PAM) as part of advisory work
8. Deliver awareness and training programs under the Awantec Cyber Academy
9. Act as subject matter expert in compliance-related incident response and audits
10. Collaborate on developing standard compliance "packs" to accelerate consulting delivery and support Cybersecurity-as-a-Service (CSaaS) offerings

Job Responsibilities :

1. Deliver client-facing engagements in cyber risk consulting, compliance readiness, and vulnerability assessments
2. Lead ISMS, NIST, PDPA, RMIT, PCI DSS, SOC 2, and CSA Star audit support, ensuring high client pass rates and alignment with Awantec's compliance dashboards
3. Provide technical oversight for penetration testing, vulnerability assessments, and SOC risk workflows, ensuring risk-based triage and compliance integration
4. Actively participate in NACSA, Cybersecurity Malaysia, and CGSO regulatory frameworks, ensuring Awantec's alignment with national initiatives
5. Support Awantec's Cyber Academy by developing training modules in compliance, risk governance, and penetration testing
6. Collaborate with sales and pre-sales teams to scope engagements, build proposals, and present up to C-level stakeholders

7. Support Phase 1 service delivery under the Cybersecurity Services Roadmap:

8. Risk consulting and certification readiness (RMiT, ISO 27001, NIST CSF)

9. Security Posture Assessments (Google Workspace, endpoint EDR, VPC firewall)
10. Vulnerability assessment & penetration testing (VAPT)
11. Compliance dashboards tailored for CXOs and auditors
12. Advisory support for SOC readiness and integration into Managed SOC services