206 Security Architect jobs in Malaysia

At AIA we've started an exciting movement to create a healthier, more sustainable future for everyone.

As pioneering innovators for over 100 years, we're now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.

To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.

If you believe in developing a better tomorrow, read on.

About the Role

The Security Architect will lead the design, implementation, and maintenance of a robust security architecture tailored for AIA, ensuring the protection of digital assets, infrastructure, and sensitive financial data. This includes maintaining an enterprise security blueprint and integrating best practices aligned with regulatory standards such as ISO/IEC 27001, NIST, and relevant industry regulations.

You will collaborate closely with IT, development, and risk management teams to embed security measures across the technology infrastructure and software development lifecycle, using a risk-based and compliance-driven approach.

In this role, you will ensure that the security architecture supports business objectives and regulatory requirements. You will also lead the development of security frameworks, standards, and policies, while providing expert guidance on secure design and risk mitigation strategies across projects and operations.

Roles and Responsibilities:

Security Architecture & Design

• Lead the development and implementation of enterprise security architecture strategies, frameworks, and mitigation plans.
• Design secure systems and network architectures that align with business objectives, regulatory requirements, and industry best practices.
• Translate business and technical requirements into robust, secure architecture solutions.

Governance & Assurance

• Own the security review process and produce security design blueprints for ARB and other governance forums.
• Provide architecture assurance to ensure alignment with enterprise roadmaps and standards.
• Define and maintain security standards, guidelines, and reference architectures.

Risk Management & Compliance

• Conduct threat modeling, risk assessments, and security impact analyses for new and existing solutions.
• Stay current with regulatory changes affecting cybersecurity in the insurance and financial services sectors.
• Evaluate emerging security technologies and recommend adoption where appropriate.

Collaboration & Advisory

• Partner with solution architects, development teams, and business stakeholders to ensure secure design and implementation.
• Present security architecture and risk mitigation strategies to ARB and senior leadership.
• Provide advisory and assurance support to the Local Information Security (LIS) team during security incident investigations.

Documentation & Review

• Review and endorse technical documents (e.g., impact analyses, functional designs, interface agreements) from a security perspective.
• Contribute to the strategic direction of security investments and enterprise risk posture.

Leadership & Enablement

• Serve as the technical subject matter expert for all security-related design decisions.
• Mentor junior team members and promote security awareness across IT and business teams.

Minimum Job Requirements:

• Bachelor's degree in Computer Science, Cybersecurity, Engineering, or a related discipline.
• Proven experience in security architecture design, preferably within the financial services or insurance industries.
• Minimum of 8 years of experience in IT security architecture, risk management, or cybersecurity operations.
• Strong knowledge of security frameworks such as ISO/IEC 27001, NIST, and COBIT.
• Solid understanding of cloud security architecture and platforms (Azure preferred), as well as DevSecOps practices.
• Hands-on experience in threat modeling, risk assessment, and implementation of security controls.
• Practical experience with security technologies including firewalls, SIEM, IAM, DLP, and endpoint protection.
• Familiarity with regulatory requirements (e.g., PDPA, GDPR) and industry standards (e.g., PCI DSS).
• Excellent analytical, problem-solving, and decision-making skills.
• Experience with Agile and Waterfall methodologies, and secure software development lifecycle (SDLC).
• Relevant certifications such as CISSP, CISM, or SABSA are highly desirable.

Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.

You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.

At AIA we've started an exciting movement to create a healthier, more sustainable future for everyone.
As pioneering innovators for over 100 years, we're now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live Healthier, Longer, Better Lives.
To get there, we need people with tech/digital/analytics expertise and passion to help develop positive, sustainable change through digitally enhanced experiences that will impact the lives of millions of people and create a healthier future for everyone.
If you believe in developing a better tomorrow, read on.
About The Role
The Security Architect will lead the design, implementation, and maintenance of a robust security architecture tailored for AIA, ensuring the protection of digital assets, infrastructure, and sensitive financial data. This includes maintaining an enterprise security blueprint and integrating best practices aligned with regulatory standards such as ISO/IEC 27001, NIST, and relevant industry regulations.

You will collaborate closely with IT, development, and risk management teams to embed security measures across the technology infrastructure and software development lifecycle, using a risk-based and compliance-driven approach.

In this role, you will ensure that the security architecture supports business objectives and regulatory requirements. You will also lead the development of security frameworks, standards, and policies, while providing expert guidance on secure design and risk mitigation strategies across projects and operations.

Roles And Responsibilities
Security Architecture & Design

• Lead the development and implementation of enterprise security architecture strategies, frameworks, and mitigation plans.
• Design secure systems and network architectures that align with business objectives, regulatory requirements, and industry best practices.
• Translate business and technical requirements into robust, secure architecture solutions.

Governance & Assurance

• Own the security review process and produce security design blueprints for ARB and other governance forums.
• Provide architecture assurance to ensure alignment with enterprise roadmaps and standards.
• Define and maintain security standards, guidelines, and reference architectures.

Risk Management & Compliance

• Conduct threat modeling, risk assessments, and security impact analyses for new and existing solutions.
• Stay current with regulatory changes affecting cybersecurity in the insurance and financial services sectors.
• Evaluate emerging security technologies and recommend adoption where appropriate.

Collaboration & Advisory

• Partner with solution architects, development teams, and business stakeholders to ensure secure design and implementation.
• Present security architecture and risk mitigation strategies to ARB and senior leadership.
• Provide advisory and assurance support to the Local Information Security (LIS) team during security incident investigations.

Documentation & Review

• Review and endorse technical documents (e.g., impact analyses, functional designs, interface agreements) from a security perspective.
• Contribute to the strategic direction of security investments and enterprise risk posture.

Leadership & Enablement

• Serve as the technical subject matter expert for all security-related design decisions.
• Mentor junior team members and promote security awareness across IT and business teams.

Minimum Job Requirements

• Bachelor's degree in Computer Science, Cybersecurity, Engineering, or a related discipline.
• Proven experience in security architecture design, preferably within the financial services or insurance industries.
• Minimum of 8 years of experience in IT security architecture, risk management, or cybersecurity operations.
• Strong knowledge of security frameworks such as ISO/IEC 27001, NIST, and COBIT.
• Solid understanding of cloud security architecture and platforms (Azure preferred), as well as DevSecOps practices.
• Hands-on experience in threat modeling, risk assessment, and implementation of security controls.
• Practical experience with security technologies including firewalls, SIEM, IAM, DLP, and endpoint protection.
• Familiarity with regulatory requirements (e.g., PDPA, GDPR) and industry standards (e.g., PCI DSS).
• Excellent analytical, problem-solving, and decision-making skills.
• Experience with Agile and Waterfall methodologies, and secure software development lifecycle (SDLC).
• Relevant certifications such as CISSP, CISM, or SABSA are highly desirable.

Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.
You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.

Job Title: Security Solution Architect

Overview:

As a Security Solution Architect at Noventiq, you will play a pivotal role in helping customers secure their digital transformation using Microsoft's security solutions. You will be responsible for designing and implementing security architectures that meet the needs of enterprise customers.

Responsibilities:

• Engage with enterprise customers to understand their security requirements and challenges.
• Design and implement comprehensive security solutions using Microsoft technologies.
• Lead architecture design sessions and workshops to drive security transformation.
• Provide technical guidance and mentorship to customers and internal teams and deliver Security workshops
• Collaborate with sales and technical teams to ensure successful deployment of security solutions.
• Stay updated with the latest security trends and technologies to provide innovative solutions.
• Qualifications:
• Bachelor's or Master's degree in Computer Science, Information Technology, or a related field.
• At least 5+ years of experience in security architecture, consulting, or related roles.
• Deep technical knowledge of Microsoft security solutions such as Microsoft Sentinel, Microsoft Defender, and Azure Security.
• Experience with cloud security, hybrid infrastructure security, and network security.
• Relevant certifications (e.g., CISSP, CCSP, Microsoft Certified: Azure Security Engineer Associate) are preferred.

Additional Skills:

• Strong problem-solving and analytical skills.
• Excellent communication and presentation skills.
• Ability to work collaboratively in a team environment.
• Passion for learning and staying current with industry trends

Our client is on the hunt for a highly skilled and proactive Cloud Security Architect to join their dynamic team.

Cloud Security Architect

This role offers an exciting opportunity to play a crucial part in ensuring the security and compliance of project and application implementation, with a particular focus on Cloud services and technologies. The successful candidate will be part of a supportive team that values collaboration, understanding, and commitment.

• Key role in ensuring security and compliance
• Focus on Cloud services and technologies
• Opportunity to work with a supportive and collaborative team

What you'll do:

As a Cloud Security Architect, you will be at the forefront of ensuring the safety and compliance of various projects and applications. Your expertise in Cloud services and technologies will be invaluable as you conduct thorough reviews, collaborate with other teams, track vulnerabilities, and provide consultation on all matters related to Cloud Security. You will also play a key role in fostering a culture of security awareness through training. Your ability to maintain and update relevant policies, standards, and procedures will contribute significantly to our client's success.

• Conduct security-by-design reviews on new programs, initiatives, projects, Cloud services and technologies.
• Collaborate with information security teams to ensure project implementation aligns with security controls.
• Participate in the security architecture blueprint and design review process for Cloud hosted solutions.
• Ensure critical vulnerabilities are tracked and remediated prior to application go-live.
• Analyse, review, and approve non-standard software/technology implementations.
• Provide advisory and consultation to business units for any Cloud Security related matters.
• Create a culture of security-by-design awareness by conducting related training.
• Maintain and update relevant security policies, standards, and operating procedures.

What you bring:

The ideal candidate for this Cloud Security Architect position brings a wealth of experience in reviewing architecture blueprints and designing controls within the Cloud domain. With your recognised degree in Computer Science or related Engineering fields, you have spent 5-10 years honing your skills in this area. Your knowledge of various regulations including PDPA, MAS guidelines, technology/cybersecurity regulations across Asian countries sets you apart. An understanding of asset or wealth management businesses would be advantageous. Certifications such as CISA, CISSP, CCSP are encouraged and demonstrate your commitment to continuous learning. Your ability to understand business requirements and security risks during assessments is crucial, as is your understanding of the company's business direction from products, solutions, market perspectives in the Cloud domain.

• Recognised degree in Computer Science or related Engineering fields.
• 5-10 years of experience in reviewing architecture blueprints and designing controls in the Cloud domain.
• Knowledge of regulations including PDPA, MAS guidelines, technology/cybersecurity regulations in Asian countries.
• Understanding of asset or wealth management businesses is a plus.
• Certifications such as CISA, CISSP, CCSP are encouraged.
• Ability to understand business requirements and security risks during assessments.
• Understanding of company's business direction from products, solutions, market perspectives in the Cloud domain.

What sets this company apart:

Our client is a leading player in the financial services industry with a strong presence across Asia. They are known for their commitment to innovation, particularly in the realm of technology and cybersecurity. They offer a supportive and collaborative work environment where every team member's contribution is valued. Their focus on continuous learning and development ensures that their employees are always at the forefront of industry developments.

What's next:

Ready to take your career to new heights? Don't miss this exciting opportunity

Apply today by clicking on the link We can't wait to hear from you.

Do note that we will only be in touch if your application is shortlisted.

Agensi Pekerjaan Robert Walters Sdn Bhd

Business Registration Number : T

Licence Number : JTKSM 423C

Job Title
Application Security Architect

Reports To
Head of Cyber Security

Role Purpose
The role of an Application Security Architect encompasses a wide range of responsibilities centred around ensuring the security and efficient operation of software and web applications from inception to retirement. This role is pivotal in ensuring the MAG's applications are secure, compliant, and running efficiently. It requires staying abreast of the latest security trends and technologies, especially in the rapidly evolving domain of cloud-native applications.

Key Accountability

• General Accountabilities
• Integrate security tools, standards, and processes into the Product Life Cycle (PLC), ensuring compliance with SDLC and OWASP Top 10.
• Enhance API security using tools like GIT, SCA, and WebInspect.
• Improve deployment of application security tools for static analysis and runtime testing.
• Maintain secure development standards for technologies like C#, JavaScript (Jscript), and PHP.
• Support incident response and architecture reviews with application security expertise.
• Develop metrics and performance analyses using platforms like Jira.
• Ensure compliance with security standards using Microsoft Security solutions.
• Integrate DevSecOps into development processes, supporting Agile, Waterfall, and SCRUM methodologies.
• Application Security Oversight
• Develop and enforce application security policies and procedures.
• Conduct security assessments using tools like WebInspect and Metasploit.
• Code and API Security Management.
• Secure application code and APIs with reviews, secure coding practices, and tools like WebInspect.
• Monitor APIs for unauthorized access and ensure compliance with standards.
• CNAPP Administration
• Manage Cloud-Native Application Protection Platforms to address security threats and vulnerabilities.
• Risk Assessment and Mitigation
• Identify security risks and implement mitigation strategies to minimize impacts.
• Digital Lifecycle Management
• Coordinate system updates, patches, and upgrades using databases like mySQL and MS SQL.
• Other Capabilities
• Maintain expertise in platforms like J2EE, .NET, and API management for interoperability.
• Align security design and deployment standards with DevSecOps and Agile practices using tools like Jira.

Qualifications & Working Experience

• Bachelor's or Master's degree in Computer Science, Information Security, or related field.
• years of working experience in Information Technology, application security, IT security, or a related field.
• Experience in Aviation Industry will be added advantages.

Areas of Experience
Major Requirements: Active Directory, SDLC, OWASP10. GIT, GCC, Jira, SCA, , WebInspect, C#, Jscript, PhP, Xcode15, DevSecOps, Metasploit, Agile & Waterfall methodologies, SCRUM, mySQL & MS SQL.

Personality Traits

• Strong understanding of regulatory requirements and industry standards relevant to data protection and privacy.
• Strong knowledge of secure coding practices, application security measures, and API security.

Job Description:

• Directly support the Chief Information Security Officer (CISO).
• Lead and manage GRC personnel as required.
• Develop, review and implement security architectures and frameworks for IT systems, networks, applications and OT.
• Evaluate or prepare security requirements proposed for project or tender submissions.
• Develop security surveillance strategies, frameworks, and procedures.
• Develop security assessment surveys and maturity measurement methods.
• Identify vulnerabilities and perform security risk assessments.
• Define and enforce security policies, procedures, and best practices.
• Define governance and risk management procedures and methodologies.
• Define security roadmaps based on business and enterprise priorities.
• Evaluate and recommend security tools and technologies.
• Coordinate and communicate GRC activities across the Group's subsidiaries.
• Define and manage data gathering and reporting across the Group's subsidiaries.
• Develop and maintain system security architecture and design standards / templates.
• Maintain records of system architectural patterns and secure engineering solutions.
• Work with the Security Risk & Compliance Manager to maintain and present a consistently accurate assessment of enterprise risk.
• Work with the Cyber Security Architect to ensure all aspects of Cyber Security Operational capability are developing appropriately and to communicate threat intel across subsidiaries as required.
• Work with the Security Compliance Lead to ensure all aspects of the GRC function are planned, implemented and applied effectively.

Requirements:

• In-depth knowledge of Mitre ATT&CK Tactics and Techniques and OWASP Top Ten.
• In-depth work experience in hybrid and cloud architecture / system design and implementation.
• In-depth knowledge of zero trust principles, network security, cloud security, cryptography, and secure software development.
• Practical experience in NIST CSF and CIS Controls assessment and implementation.
• Demonstrable experience delivering detailed system security design and threat modelling.
• Project and/or program management and support experience.
• Excellent documentation and writing skills.
• Excellent communications skills.
• At least 5 years' work experience as a System Security Architect.
• Previous work experience in IT architecture and infrastructure.
• BSc in Computer Science, Computer Engineering or equivalent.