What Jobs are available for Security Engineer in Malaysia?
Showing 12 Security Engineer jobs in Malaysia
Advanced Cyber Security Architect/Engineer
Kuala Lumpur, Kuala Lumpur
Honeywell
Posted 4 days ago
Job Viewed
Job Description
**THE FUTURE IS WHAT WE MAKE IT.**
**Advanced Cyber Security Architect / Engineer**
**Kuala Lumpur**
Start your career by making an impact and real connections with some of the most meaningful challenges around. When you join Honeywell, you become a member of our performance culture comprised of diverse leaders, thinkers, innovators, dreamers, and doers who are changing the future.
**Make the Best You.**
Working at Honeywell is not just creating incredible things. You will have the opportunity to work with our talented and friendly team of professionals and be part of a global team of future shapers.
**Join Us and Make an Impact.**
We are seeking a dedicated Advanced Cyber Security Architect / Engineer join our Cyber Security team in Kuala Lumpur. This position is responsible for providing on-site cyber security services associated with industrial Process Control Networks for Honeywell customers in the Oil and Gas; Hydrocarbon Processing; Power Generation; Pulp, Paper & Printing; Continuous Web Solutions; Petrochemicals; Life Sciences; and Metals, Minerals and Mining markets. Services provided include on-site consulting, troubleshooting, network designs, implementation, assessments, and other related tasks as identified
**KEY RESPONSIBILITIES**
+ Assume leadership role in assigned projects ensuring project delivered on time and within budget and to the satisfaction of the customer
+ Keep technically current with the cyber security solutions, while maintaining expert knowledge on specific designated network disciplines
+ Maintain cyber security certifications
+ Maintain knowledge of current industry security standards such as IEC-62443, ISO 27000, etc.
+ Develop sound and trusted relationships with internal and external customers by providing accurate and efficient technical/engineering support
+ Respond to customer inquiries, questions and issues by diagnosing problems and providing the most appropriate technical solution in an accurate and timely manner
+ Maintain industrial safety awareness through the completion of pertinent safety certifications.
**MUST HAVE**
+ Bachelor's degree in a computer related field such as Computer Science, Computer information systems, electronics or in lieu of degree
+ 8+ years of experience in Networking, end-point security, performing audit/assessments and IT security.
+ CCNA/CCNP Certified Network/Design/Security Professional (at least one) certification is must.
+ GICSP/CISSP Certified Information Systems Security Professional or similar security certification preferred.
+ Microsoft Certified Systems Engineer
+ Knowledge in performing Cyber Security Vulnerability, Risk assessment.
+ Vulnerability scanning and assessments using Open source and commercial tools (Nessus, NMAP)
+ Experience with virtualization preferably VM Ware
+ Experience Network Security - Firewall, ACL, IDS, IPS, SIEM
+ Specific experience in Cisco Routers, Switches, or Firewalls
+ Microsoft - Active Directory, DNS, WSUS, Terminal Server
+ Experience with anti-virus systems, backup & restore solutions system management
+ Linux/Windows Security Basics
+ Experience in Process Control system design/implementation knowledge with good understating of Industrial standards (ISA/IEC 62443, ISO 27001& NIST)
**WE VALUE**
+ Knowledge of local cybersecurity best practices and guidelines formulated by local government authorities.
+ Knowledge in preparing functional and detailed design specification
+ Experience performing network services at customer sites.
+ Excellent troubleshooting skills to resolve complex network and or application or system integration issues
+ Experience/knowledge in networking protocols and application including HSRP, STP, RSTP, MSTP, VLAN, 802.1q, IPv4, IPv6, RIPv2, OSPF, EIGRP, DNS, NTP, EtherChannel, FTP, TFTP and SSH.
**About Us**
The world is changing. And it's a familiar story at Honeywell. Our $36 billion business was founded on a legacy of firsts spanning 130 years. We're building a safer, smarter, and more sustainable world through our technology and software across each of our 930 sites globally. Our impact is seen in every shape and size around the world. Our solutions are felt daily in aerospace, buildings and cities, retail, chemicals and materials, safety, industrial and manufacturing, safety, and supply chains.
**Discover More**
We've been innovating for more than 100 years and now we're creating what's next. There's a lot more available for you to discover. Our solutions, our case studies, our #futureshapers, and so much more. Learn more at careers.honeywell.com/us/en/
If you believe what happens tomorrow is determined by what we do today, you'll love working at Honeywell.
The future is what we make it. So, join us and let's do this together.
Honeywell is an equal opportunity employer, and we support a diverse workforce. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status. Aboriginal and Torres Strait Islander peoples are encouraged to apply.
**Copyright © 2025 Honeywell International Inc**
Honeywell helps organizations solve the world's most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments - powered by our Honeywell Forge software - that help make the world smarter, safer and more sustainable.
Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status.
**Advanced Cyber Security Architect / Engineer**
**Kuala Lumpur**
Start your career by making an impact and real connections with some of the most meaningful challenges around. When you join Honeywell, you become a member of our performance culture comprised of diverse leaders, thinkers, innovators, dreamers, and doers who are changing the future.
**Make the Best You.**
Working at Honeywell is not just creating incredible things. You will have the opportunity to work with our talented and friendly team of professionals and be part of a global team of future shapers.
**Join Us and Make an Impact.**
We are seeking a dedicated Advanced Cyber Security Architect / Engineer join our Cyber Security team in Kuala Lumpur. This position is responsible for providing on-site cyber security services associated with industrial Process Control Networks for Honeywell customers in the Oil and Gas; Hydrocarbon Processing; Power Generation; Pulp, Paper & Printing; Continuous Web Solutions; Petrochemicals; Life Sciences; and Metals, Minerals and Mining markets. Services provided include on-site consulting, troubleshooting, network designs, implementation, assessments, and other related tasks as identified
**KEY RESPONSIBILITIES**
+ Assume leadership role in assigned projects ensuring project delivered on time and within budget and to the satisfaction of the customer
+ Keep technically current with the cyber security solutions, while maintaining expert knowledge on specific designated network disciplines
+ Maintain cyber security certifications
+ Maintain knowledge of current industry security standards such as IEC-62443, ISO 27000, etc.
+ Develop sound and trusted relationships with internal and external customers by providing accurate and efficient technical/engineering support
+ Respond to customer inquiries, questions and issues by diagnosing problems and providing the most appropriate technical solution in an accurate and timely manner
+ Maintain industrial safety awareness through the completion of pertinent safety certifications.
**MUST HAVE**
+ Bachelor's degree in a computer related field such as Computer Science, Computer information systems, electronics or in lieu of degree
+ 8+ years of experience in Networking, end-point security, performing audit/assessments and IT security.
+ CCNA/CCNP Certified Network/Design/Security Professional (at least one) certification is must.
+ GICSP/CISSP Certified Information Systems Security Professional or similar security certification preferred.
+ Microsoft Certified Systems Engineer
+ Knowledge in performing Cyber Security Vulnerability, Risk assessment.
+ Vulnerability scanning and assessments using Open source and commercial tools (Nessus, NMAP)
+ Experience with virtualization preferably VM Ware
+ Experience Network Security - Firewall, ACL, IDS, IPS, SIEM
+ Specific experience in Cisco Routers, Switches, or Firewalls
+ Microsoft - Active Directory, DNS, WSUS, Terminal Server
+ Experience with anti-virus systems, backup & restore solutions system management
+ Linux/Windows Security Basics
+ Experience in Process Control system design/implementation knowledge with good understating of Industrial standards (ISA/IEC 62443, ISO 27001& NIST)
**WE VALUE**
+ Knowledge of local cybersecurity best practices and guidelines formulated by local government authorities.
+ Knowledge in preparing functional and detailed design specification
+ Experience performing network services at customer sites.
+ Excellent troubleshooting skills to resolve complex network and or application or system integration issues
+ Experience/knowledge in networking protocols and application including HSRP, STP, RSTP, MSTP, VLAN, 802.1q, IPv4, IPv6, RIPv2, OSPF, EIGRP, DNS, NTP, EtherChannel, FTP, TFTP and SSH.
**About Us**
The world is changing. And it's a familiar story at Honeywell. Our $36 billion business was founded on a legacy of firsts spanning 130 years. We're building a safer, smarter, and more sustainable world through our technology and software across each of our 930 sites globally. Our impact is seen in every shape and size around the world. Our solutions are felt daily in aerospace, buildings and cities, retail, chemicals and materials, safety, industrial and manufacturing, safety, and supply chains.
**Discover More**
We've been innovating for more than 100 years and now we're creating what's next. There's a lot more available for you to discover. Our solutions, our case studies, our #futureshapers, and so much more. Learn more at careers.honeywell.com/us/en/
If you believe what happens tomorrow is determined by what we do today, you'll love working at Honeywell.
The future is what we make it. So, join us and let's do this together.
Honeywell is an equal opportunity employer, and we support a diverse workforce. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status. Aboriginal and Torres Strait Islander peoples are encouraged to apply.
**Copyright © 2025 Honeywell International Inc**
Honeywell helps organizations solve the world's most complex challenges in automation, the future of aviation and energy transition. As a trusted partner, we provide actionable solutions and innovation through our Aerospace Technologies, Building Automation, Energy and Sustainability Solutions, and Industrial Automation business segments - powered by our Honeywell Forge software - that help make the world smarter, safer and more sustainable.
Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, religion, or veteran status.
Is this job a match or a miss?
This advertiser has chosen not to accept applicants from your region.
0
Senior Engineer, Product Security Engineering
Cyberjaya
Dell Technologies
Posted 13 days ago
Job Viewed
Job Description
Cybersecurity - Security Architecture
The Dell Security & Resiliency organization manages the security risk across all aspects of Dell's business. We are currently experiencing incredible growth in order to meet the security needs of the world's largest technology company. With team members located in over 15 countries, you will have an excellent opportunity to influence the security culture at Dell and further develop your career.
Join us as a **Security Review Consultant** on our Cybersecurity - Security Architecture team in Malaysia to do the best work of your career and make a profound social impact.
**What** **you'll** **achieve**
As a Security Review Consultant, you will be responsible for performing security reviews on firewall change requests, proxy change requests, third-party access requests. You will also review the capabilities of any new technology being introduced into Dell to ensure they have the right capabilities required for use at Dell. You will work with Dell internal requesters to ensure that requested changes or technologies are secure and meet all Dell security requirements, and policies and standards. You will also participate in other security related projects and contribute to improvements of tools and processes that our Cybersecurity - Security Architecture team utilizes.
**You will:**
+ Evaluate information security solutions and processes to provide recommendations supporting Dell security standards.
+ Proactively manage all customer interactions in aprofessional manner with a strong emphasis on customer satisfaction.
+ Develop and maintain comprehensive documentation of engagements performed and findingsidentified.
+ Possess complete knowledge, and understanding, of assessing verification criteria against a set of cyber controls.
+ Utilize internal guidelines to properly fulfil client requests received via e-mail or internal ticketing systems in a timely and detail-oriented manner.
+ Participate in, or work directly on additional projects, assignments or initiatives as required.
**Take the first step towards your dream career**
Every Dell Technologies team member brings something unique to the table. Here's what we are looking for with this role:
**Essential Requirements**
+ 5+ years of professional information security experience with foundational knowledge of general application, cloud and network security concepts.
+ Strong knowledge of networking, cloud, infrastructure and application security fundamentals, concepts, and frameworks including common network protocols and services (FTP, HTTP, SSH, SMB, LDAP, etc.).
+ Excellent problem-solving skills with the ability to assess and derive security risk mitigation controls or solutions.
+ Customer-oriented with a strong interest in customer satisfaction as well as strong sense of accountability and drive for results.
+ Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner
+ The ability and desire to learn new technologies and concepts quickly.
+ Strong presentation, written and verbal communication skills.
**Desirable Qualifications**
+ Bachelor's degree in Information Systems, or a related field or relevant experience.
+ Individuals with relevant certifications preferred: ITIL, CISSP, CISM, CISP, Security+, Network+, Certified Ethical Hacker, etc.
+ Previous hands-on experience with, or knowledge of, security infrastructure (firewalls, proxy, etc.) and/or knowledge of application security (DevSecOps) a plus.
**Here's our story; now tell us yours**
Dell Technologies helps organizations and individuals build a brighter digital tomorrow. Our company is made up of more than 150,000 people, located in over 180 locations around the world. We're proud to be a diverse and inclusive team and have an endless passion for our mission to drive human progress.
What's most important to us is that you are respected, feel like you can be yourself and have the opportunity to do the best work of your life -- while still having a life. We offer excellent benefits, bonus programs, flexible work arrangements, a variety of career development opportunities, employee resource groups, and much more.
We started with computers, but we didn't stop there. We are helping customers move into the future with multi-cloud, AI and machine learning through the most innovative technology and services portfolio for the data era. Join us and become a part of what's next in technology, starting today.
You can also learn more about us by reading our latest Diversity and Inclusion Report and our plan to make the world a better place by 2030 here ( .
Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics. Dell encourages applicants of all ages. Read the full Employment Opportunity Policy here ( .
**Job ID:** R
The Dell Security & Resiliency organization manages the security risk across all aspects of Dell's business. We are currently experiencing incredible growth in order to meet the security needs of the world's largest technology company. With team members located in over 15 countries, you will have an excellent opportunity to influence the security culture at Dell and further develop your career.
Join us as a **Security Review Consultant** on our Cybersecurity - Security Architecture team in Malaysia to do the best work of your career and make a profound social impact.
**What** **you'll** **achieve**
As a Security Review Consultant, you will be responsible for performing security reviews on firewall change requests, proxy change requests, third-party access requests. You will also review the capabilities of any new technology being introduced into Dell to ensure they have the right capabilities required for use at Dell. You will work with Dell internal requesters to ensure that requested changes or technologies are secure and meet all Dell security requirements, and policies and standards. You will also participate in other security related projects and contribute to improvements of tools and processes that our Cybersecurity - Security Architecture team utilizes.
**You will:**
+ Evaluate information security solutions and processes to provide recommendations supporting Dell security standards.
+ Proactively manage all customer interactions in aprofessional manner with a strong emphasis on customer satisfaction.
+ Develop and maintain comprehensive documentation of engagements performed and findingsidentified.
+ Possess complete knowledge, and understanding, of assessing verification criteria against a set of cyber controls.
+ Utilize internal guidelines to properly fulfil client requests received via e-mail or internal ticketing systems in a timely and detail-oriented manner.
+ Participate in, or work directly on additional projects, assignments or initiatives as required.
**Take the first step towards your dream career**
Every Dell Technologies team member brings something unique to the table. Here's what we are looking for with this role:
**Essential Requirements**
+ 5+ years of professional information security experience with foundational knowledge of general application, cloud and network security concepts.
+ Strong knowledge of networking, cloud, infrastructure and application security fundamentals, concepts, and frameworks including common network protocols and services (FTP, HTTP, SSH, SMB, LDAP, etc.).
+ Excellent problem-solving skills with the ability to assess and derive security risk mitigation controls or solutions.
+ Customer-oriented with a strong interest in customer satisfaction as well as strong sense of accountability and drive for results.
+ Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner
+ The ability and desire to learn new technologies and concepts quickly.
+ Strong presentation, written and verbal communication skills.
**Desirable Qualifications**
+ Bachelor's degree in Information Systems, or a related field or relevant experience.
+ Individuals with relevant certifications preferred: ITIL, CISSP, CISM, CISP, Security+, Network+, Certified Ethical Hacker, etc.
+ Previous hands-on experience with, or knowledge of, security infrastructure (firewalls, proxy, etc.) and/or knowledge of application security (DevSecOps) a plus.
**Here's our story; now tell us yours**
Dell Technologies helps organizations and individuals build a brighter digital tomorrow. Our company is made up of more than 150,000 people, located in over 180 locations around the world. We're proud to be a diverse and inclusive team and have an endless passion for our mission to drive human progress.
What's most important to us is that you are respected, feel like you can be yourself and have the opportunity to do the best work of your life -- while still having a life. We offer excellent benefits, bonus programs, flexible work arrangements, a variety of career development opportunities, employee resource groups, and much more.
We started with computers, but we didn't stop there. We are helping customers move into the future with multi-cloud, AI and machine learning through the most innovative technology and services portfolio for the data era. Join us and become a part of what's next in technology, starting today.
You can also learn more about us by reading our latest Diversity and Inclusion Report and our plan to make the world a better place by 2030 here ( .
Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics. Dell encourages applicants of all ages. Read the full Employment Opportunity Policy here ( .
**Job ID:** R
Is this job a match or a miss?
This advertiser has chosen not to accept applicants from your region.
1
Information Security Advisor
Perai
AUMOVIO
Posted today
Job Viewed
Job Description
**Company Description**
Since its spin-off in September 2025 AUMOVIO continues the business of the former Continental group sector Automotive as an independent company. The technology and electronics company offers a wide-ranging portfolio that makes mobility safe, exciting, connected, and autonomous. This includes sensor solutions, displays, braking and comfort systems as well as comprehensive expertise in software, architecture platforms, and assistance systems for software-defined vehicles. In the fiscal year 2024 the business areas, which now belong to AUMOVIO, generated sales of 19.6 billion Euro. The company is headquartered in Frankfurt, Germany and has about 87.000 employees in more than 100 locations worldwide.
**Job Description**
**OVERVIEW**
The Local Information Security Advisor (ISA) has the task to establish and drive Information Security (InfoSec) according to all relevant policies and guidelines on behalf of the InfoSec Officer (ISO) and the Regional InfoSec Manager (ISM).
By that the ISA has an essential role in the Information Security Management System (ISMS).
The Location Management commits itself to the InfoSec guidelines and targets and actively supports the InfoSec organization by appointing a ISA.
**The ISA:**
+ Works in close cooperation with all relevant local departments as well as with the Regional Security Manager (ISM).
+ Participates regularly in local management meetings.
+ Participates annually in a regional InfoSec Workshop organized by the ISM.
+ Supports all related local projects in order to ensure InfoSec conformity.
+ In the event of substantial deficiencies or severe incidents endangering the security of company information, the ISA must inform and escalate accordingly to relevant policies.
**Responsibilities on local level:**
Support responsible management in the appointed location(s):
+ Drive and monitor the implementation and usage of the existing ISMS (Information Security Management System) according to policies and guidelines as well as to business and customer requirements (e.g. ISO 27001, 8th European Directive, BSI).
+ Conduct and ensure regular trainings, provision of information and advice of all employees, managers and third parties.
+ Drive the appropriate classification of company proprietary information and adequate handling.
+ Conduct or support risk management activities (i.e. risk assessments, business impact analysis).
+ Monitor the development and maintenance of local emergency- and contingency plans.
+ Advise in all local aspects of identity- and authorization management.
+ Drive secure collaboration and integration of business partners.
+ Drive, track, and report detection and remediation of vulnerabilities.
+ Monitor and control the effectiveness of InfoSec projects and implemented measures.
+ Drive usage of InfoSec processes and tools including documentation.
+ Monitor execution of InfoSec reviews and conduct local inspections regularly.
+ Execute actions and projects agreed on with the location management and ISM.
+ Keep location informed about InfoSec regulations, warnings and news on current/new incidents.
**Qualifications**
+ Degree in computer science or information system or Cyber Security or other relevant degree with minimum 2 years' experience in related field.
+ General knowledge about InfoSec related standards, processes and tools.
+ Good knowledge of internal organization and local business and processes.
+ Good knowledge of the local infrastructure- and application landscape.
+ Basic knowledge of InfoSec rules and related laws.
+ Ability to motivate others and raise awareness for InfoSec related risks and threats.
+ Ability to balance potential risks and costs of protective measures.
+ Training user on new or improved business processes.
+ Experience in IT and Cyber/Info Security in manufacturing environment will be added advantage.
+ Interest in new technologies and willingness to learn.
**Additional Information**
Ready to take your career to the next level? The future of mobility isn't just anyone's job. Make it yours! **Join AUMOVIO. Own What's Next.**
Since its spin-off in September 2025 AUMOVIO continues the business of the former Continental group sector Automotive as an independent company. The technology and electronics company offers a wide-ranging portfolio that makes mobility safe, exciting, connected, and autonomous. This includes sensor solutions, displays, braking and comfort systems as well as comprehensive expertise in software, architecture platforms, and assistance systems for software-defined vehicles. In the fiscal year 2024 the business areas, which now belong to AUMOVIO, generated sales of 19.6 billion Euro. The company is headquartered in Frankfurt, Germany and has about 87.000 employees in more than 100 locations worldwide.
**Job Description**
**OVERVIEW**
The Local Information Security Advisor (ISA) has the task to establish and drive Information Security (InfoSec) according to all relevant policies and guidelines on behalf of the InfoSec Officer (ISO) and the Regional InfoSec Manager (ISM).
By that the ISA has an essential role in the Information Security Management System (ISMS).
The Location Management commits itself to the InfoSec guidelines and targets and actively supports the InfoSec organization by appointing a ISA.
**The ISA:**
+ Works in close cooperation with all relevant local departments as well as with the Regional Security Manager (ISM).
+ Participates regularly in local management meetings.
+ Participates annually in a regional InfoSec Workshop organized by the ISM.
+ Supports all related local projects in order to ensure InfoSec conformity.
+ In the event of substantial deficiencies or severe incidents endangering the security of company information, the ISA must inform and escalate accordingly to relevant policies.
**Responsibilities on local level:**
Support responsible management in the appointed location(s):
+ Drive and monitor the implementation and usage of the existing ISMS (Information Security Management System) according to policies and guidelines as well as to business and customer requirements (e.g. ISO 27001, 8th European Directive, BSI).
+ Conduct and ensure regular trainings, provision of information and advice of all employees, managers and third parties.
+ Drive the appropriate classification of company proprietary information and adequate handling.
+ Conduct or support risk management activities (i.e. risk assessments, business impact analysis).
+ Monitor the development and maintenance of local emergency- and contingency plans.
+ Advise in all local aspects of identity- and authorization management.
+ Drive secure collaboration and integration of business partners.
+ Drive, track, and report detection and remediation of vulnerabilities.
+ Monitor and control the effectiveness of InfoSec projects and implemented measures.
+ Drive usage of InfoSec processes and tools including documentation.
+ Monitor execution of InfoSec reviews and conduct local inspections regularly.
+ Execute actions and projects agreed on with the location management and ISM.
+ Keep location informed about InfoSec regulations, warnings and news on current/new incidents.
**Qualifications**
+ Degree in computer science or information system or Cyber Security or other relevant degree with minimum 2 years' experience in related field.
+ General knowledge about InfoSec related standards, processes and tools.
+ Good knowledge of internal organization and local business and processes.
+ Good knowledge of the local infrastructure- and application landscape.
+ Basic knowledge of InfoSec rules and related laws.
+ Ability to motivate others and raise awareness for InfoSec related risks and threats.
+ Ability to balance potential risks and costs of protective measures.
+ Training user on new or improved business processes.
+ Experience in IT and Cyber/Info Security in manufacturing environment will be added advantage.
+ Interest in new technologies and willingness to learn.
**Additional Information**
Ready to take your career to the next level? The future of mobility isn't just anyone's job. Make it yours! **Join AUMOVIO. Own What's Next.**
Is this job a match or a miss?
This advertiser has chosen not to accept applicants from your region.
2
Senior Information Security Incident Response Lead
Petaling Jaya, Selangor
NTT America, Inc.
Posted 13 days ago
Job Viewed
Job Description
**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Key Responsibilities:**
+ Lead and manage complex security incidents, acting as a key contact for stakeholders.
+ Perform deep analysis of security alerts to identify, mitigate, and remediate threats.
+ Conduct forensic investigations on compromised hosts, networks, and cloud environments.
+ Proactively hunt for adversarial activity and anomalous behaviors across large datasets.
+ Analyze malware samples (basic level) to determine functionality, impact, and mitigation strategies.
+ Develop and refine detection rules, improving alert fidelity and response workflows.
+ Contribute to threat intelligence gathering, analyzing attack patterns, and enhancing defensive strategies.
+ Participate in red teaming or penetration testing activities to identify and remediate vulnerabilities.
+ Provide strategic recommendations for improving the organization's security posture.
+ Create detailed incident reports, threat intelligence assessments, and executive summaries.
+ Mentor and provide guidance to junior analysts, fostering continuous improvement in IR methodologies.
**Knowledge and Attributes:**
+ Ability to communicate and work across different cultures and social groups.
+ Ability to plan activities and projects well in advance, and takes into account possible changing circumstances.
+ Ability to maintain a positive outlook at work.
+ Ability to work well in a pressurized environment.
+ Ability to work hard and put in longer hours when it is necessary.
+ Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting.
+ Ability to adapt to changing circumstances.
+ Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey.
**Academic Qualifications and Certifications:**
+ Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
+ Minimum of 5 years of experience in cybersecurity, with at least 2 years in incident response, threat hunting, or forensic analysis.
**Required experience:**
+ Extensive experience responding to targeted attacks from APT groups, cybercriminals, and nation-state actors.
+ Strong forensic analysis skills across Windows, Linux, and macOS systems.
+ Expertise in network forensics, traffic analysis, and packet inspection (Wireshark, Zeek).
+ Proficiency in SIEM platforms (Splunk, Sentinel, QRadar) and EDR solutions (CrowdStrike, Microsoft Defender ATP).
+ Knowledge of malware analysis techniques, including static and dynamic analysis.
+ Familiarity with cloud security investigations (AWS, Azure, GCP).
+ Strong scripting skills in Python, PowerShell, or similar languages for automation.
+ Understanding of security architecture, authentication mechanisms, and enterprise IT operations is a plus.
+ Experience with vulnerability management, red teaming, or penetration testing is a plus.
+ Familiarity with MITRE ATT&CK framework and various cyber threat intelligence methodologies.
**Preferred Certifications:**
+ GIAC (GCFA, GNFA, GCIH, GCIA, GREM)
+ CISSP (Certified Information Systems Security Professional)
+ CEH (Certified Ethical Hacker)
+ OSCP (Offensive Security Certified Professional)
+ Cloud Security Certifications (AWS Security Specialty, Microsoft Azure Security)
**Key Competencies:**
+ Strong analytical and problem-solving skills in high-pressure situations.
+ Ability to manage multiple investigations efficiently while meeting deadlines.
+ Excellent verbal and written communication skills, with the ability to convey technical details to varied audiences.
+ Strong team collaboration and leadership skills, with a proactive approach to knowledge sharing.
+ Ability to work in a fast-paced environment and adapt to evolving threats and challenges.
#LI-APAC
**Workplace type** **:**
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Key Responsibilities:**
+ Lead and manage complex security incidents, acting as a key contact for stakeholders.
+ Perform deep analysis of security alerts to identify, mitigate, and remediate threats.
+ Conduct forensic investigations on compromised hosts, networks, and cloud environments.
+ Proactively hunt for adversarial activity and anomalous behaviors across large datasets.
+ Analyze malware samples (basic level) to determine functionality, impact, and mitigation strategies.
+ Develop and refine detection rules, improving alert fidelity and response workflows.
+ Contribute to threat intelligence gathering, analyzing attack patterns, and enhancing defensive strategies.
+ Participate in red teaming or penetration testing activities to identify and remediate vulnerabilities.
+ Provide strategic recommendations for improving the organization's security posture.
+ Create detailed incident reports, threat intelligence assessments, and executive summaries.
+ Mentor and provide guidance to junior analysts, fostering continuous improvement in IR methodologies.
**Knowledge and Attributes:**
+ Ability to communicate and work across different cultures and social groups.
+ Ability to plan activities and projects well in advance, and takes into account possible changing circumstances.
+ Ability to maintain a positive outlook at work.
+ Ability to work well in a pressurized environment.
+ Ability to work hard and put in longer hours when it is necessary.
+ Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting.
+ Ability to adapt to changing circumstances.
+ Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey.
**Academic Qualifications and Certifications:**
+ Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
+ Minimum of 5 years of experience in cybersecurity, with at least 2 years in incident response, threat hunting, or forensic analysis.
**Required experience:**
+ Extensive experience responding to targeted attacks from APT groups, cybercriminals, and nation-state actors.
+ Strong forensic analysis skills across Windows, Linux, and macOS systems.
+ Expertise in network forensics, traffic analysis, and packet inspection (Wireshark, Zeek).
+ Proficiency in SIEM platforms (Splunk, Sentinel, QRadar) and EDR solutions (CrowdStrike, Microsoft Defender ATP).
+ Knowledge of malware analysis techniques, including static and dynamic analysis.
+ Familiarity with cloud security investigations (AWS, Azure, GCP).
+ Strong scripting skills in Python, PowerShell, or similar languages for automation.
+ Understanding of security architecture, authentication mechanisms, and enterprise IT operations is a plus.
+ Experience with vulnerability management, red teaming, or penetration testing is a plus.
+ Familiarity with MITRE ATT&CK framework and various cyber threat intelligence methodologies.
**Preferred Certifications:**
+ GIAC (GCFA, GNFA, GCIH, GCIA, GREM)
+ CISSP (Certified Information Systems Security Professional)
+ CEH (Certified Ethical Hacker)
+ OSCP (Offensive Security Certified Professional)
+ Cloud Security Certifications (AWS Security Specialty, Microsoft Azure Security)
**Key Competencies:**
+ Strong analytical and problem-solving skills in high-pressure situations.
+ Ability to manage multiple investigations efficiently while meeting deadlines.
+ Excellent verbal and written communication skills, with the ability to convey technical details to varied audiences.
+ Strong team collaboration and leadership skills, with a proactive approach to knowledge sharing.
+ Ability to work in a fast-paced environment and adapt to evolving threats and challenges.
#LI-APAC
**Workplace type** **:**
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Is this job a match or a miss?
This advertiser has chosen not to accept applicants from your region.
3
Analyst 5, Security
SanDisk
Posted 4 days ago
Job Viewed
Job Description
**Company Description**
Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today's needs and tomorrow's next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we're living in and that we have the power to shape.
Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality.
Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward.
**Job Description**
**ESSENTIAL DUTIES AND RESPONSIBILITIES:**
We are seeking a highly skilled and experienced **Senior Firewall Engineer** to join our cybersecurity team. This role is critical to maintaining and enhancing our network security posture across multiple platforms. The ideal candidate will have deep expertise in Next Generation Firewall technologies such as Palo Alto Networks, or Fortinet, or Cisco firewall technologies, and will play a key role in designing, implementing, and managing firewall policies and infrastructure.
**Key Responsibilities**
+ Design, implement, and manage firewall policies across multiple firewalls.
+ Administer and optimize centralized management of firewalls.
+ Perform rule reviews, object reuse, and policy optimization to ensure efficient and secure configurations.
+ Collaborate with network and security teams to support secure architecture and segmentation.
+ Monitor and respond to firewall-related alerts and incidents.
+ Conduct regular audits and compliance checks on firewall configurations.
+ Lead firewall migrations, upgrades, and integrations with other security tools.
+ Document configurations, change requests, and operational procedures.
**Qualifications**
**Required**
+ 5+ years of hands-on experience managing enterprise firewalls.
+ Strong expertise in Palo Alto Networks Firewalls, Fortinet FortiGate, or Cisco ASA/Firepower.
+ Strong expertise in Panorama, FortiManager, or **Cisco Secure Firewall Management Center**
+ Solid understanding of network protocols, routing, and VPN technologies.
+ Familiarity with rule lifecycle management and change control processes.
+ Experience with logging, monitoring, and troubleshooting firewall traffic.
**Preferred**
+ Palo Alto Networks certifications (e.g., PCNSA, PCNSE).
+ Fortinet NSE certifications.
+ Cisco CCNP Security or equivalent
+ CISSP
+ Experience with automation tools (e.g., Ansible, Terraform) for firewall management.
+ Knowledge of Zero Trust architecture and segmentation strategies.
+ Operational Technology Background/Experience
**Skills**
+ Excellent analytical and problem-solving skills.
+ Strong communication and documentation abilities.
**Additional Information**
Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.
Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at ( ) to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.
**NOTICE TO CANDIDATES:** Sandisk has received reports of scams where a payment is requested on Sandisk's behalf as a condition for receiving an offer of employment. Please be aware that Sandisk and its subsidiaries will never request payment as a condition for applying for a position or receiving an offer of employment. Should you encounter any such requests, please report it immediately to Sandisk Ethics Helpline ( or email
Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today's needs and tomorrow's next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we're living in and that we have the power to shape.
Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality.
Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward.
**Job Description**
**ESSENTIAL DUTIES AND RESPONSIBILITIES:**
We are seeking a highly skilled and experienced **Senior Firewall Engineer** to join our cybersecurity team. This role is critical to maintaining and enhancing our network security posture across multiple platforms. The ideal candidate will have deep expertise in Next Generation Firewall technologies such as Palo Alto Networks, or Fortinet, or Cisco firewall technologies, and will play a key role in designing, implementing, and managing firewall policies and infrastructure.
**Key Responsibilities**
+ Design, implement, and manage firewall policies across multiple firewalls.
+ Administer and optimize centralized management of firewalls.
+ Perform rule reviews, object reuse, and policy optimization to ensure efficient and secure configurations.
+ Collaborate with network and security teams to support secure architecture and segmentation.
+ Monitor and respond to firewall-related alerts and incidents.
+ Conduct regular audits and compliance checks on firewall configurations.
+ Lead firewall migrations, upgrades, and integrations with other security tools.
+ Document configurations, change requests, and operational procedures.
**Qualifications**
**Required**
+ 5+ years of hands-on experience managing enterprise firewalls.
+ Strong expertise in Palo Alto Networks Firewalls, Fortinet FortiGate, or Cisco ASA/Firepower.
+ Strong expertise in Panorama, FortiManager, or **Cisco Secure Firewall Management Center**
+ Solid understanding of network protocols, routing, and VPN technologies.
+ Familiarity with rule lifecycle management and change control processes.
+ Experience with logging, monitoring, and troubleshooting firewall traffic.
**Preferred**
+ Palo Alto Networks certifications (e.g., PCNSA, PCNSE).
+ Fortinet NSE certifications.
+ Cisco CCNP Security or equivalent
+ CISSP
+ Experience with automation tools (e.g., Ansible, Terraform) for firewall management.
+ Knowledge of Zero Trust architecture and segmentation strategies.
+ Operational Technology Background/Experience
**Skills**
+ Excellent analytical and problem-solving skills.
+ Strong communication and documentation abilities.
**Additional Information**
Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.
Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at ( ) to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.
**NOTICE TO CANDIDATES:** Sandisk has received reports of scams where a payment is requested on Sandisk's behalf as a condition for receiving an offer of employment. Please be aware that Sandisk and its subsidiaries will never request payment as a condition for applying for a position or receiving an offer of employment. Should you encounter any such requests, please report it immediately to Sandisk Ethics Helpline ( or email
Is this job a match or a miss?
This advertiser has chosen not to accept applicants from your region.
4
Cybersecurity Analyst (Cloud Security)
Kuala Lumpur, Kuala Lumpur
Upscale Sdn Bhd
Posted 2 days ago
Job Viewed
Job Description
We are seeking a passionate and detail-oriented Cybersecurity Analyst with 13 years of hands-on experience and a CCSP (Certified Cloud Security Professional) certification. The ideal candidate will be responsible for protecting the organizations cloud infrastructure, ensuring compliance with cybersecurity frameworks, and supporting continuous improvement of our security posture.
Key Responsibilities:-
Implement and monitor cloud security controls across platforms such as AWS, Azure, or Google Cloud.
-
Conduct vulnerability assessments , risk analysis , and assist in incident response activities.
-
Work with IT and DevOps teams to ensure secure cloud architecture and data protection practices.
-
Support security policy development , configuration management, and compliance audits (e.g., ISO 27001, PDPA, NIST).
-
Perform security monitoring using SIEM tools and escalate potential threats for remediation.
-
Assist in developing and maintaining disaster recovery and business continuity plans.
-
Stay updated with emerging cybersecurity threats and recommend preventive measures .
-
Provide training or awareness sessions to staff on cyber hygiene and cloud best practices .
Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field.
-
1-3 years of professional experience in information security, cloud security, or IT infrastructure.
-
CCSP certification (mandatory).
-
Good understanding of cloud platforms (AWS, Azure, GCP) and their native security features.
-
Familiarity with firewalls, IDS/IPS, endpoint protection , and security monitoring tools .
-
Knowledge of network protocols , identity & access management (IAM) , and encryption technologies .
-
Awareness of relevant regulatory frameworks in Malaysia such as PDPA and Bank Negara Malaysia's RMiT guidelines (advantageous).
-
Strong analytical, communication, and problem-solving skills.
Is this job a match or a miss?
This advertiser has chosen not to accept applicants from your region.
5
Analyst 4, IT Security
SanDisk
Posted 13 days ago
Job Viewed
Job Description
**Company Description**
Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today's needs and tomorrow's next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we're living in and that we have the power to shape.
Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality.
Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward.
**Job Description**
As Information Security Analyst 4, you will be critical in advancing Sandisk's information security Governance, Risk Management, and Compliance (GRC) program. You will develop and implement global, company-wide information security risk management frameworks, policies, and procedures. You will manage and assess information security risks and develop robust risk management strategies in partnership with global operations and manufacturing teams. You will collaborate with guidance and analysis to enhance our information security posture and ensure compliance with industry standards and regulations.
**ESSENTIAL DUTIES AND RESPONSIBILITIES:**
+ Implement global enterprise-wide risk management frameworks that aligns with industry standards (e.g. ISO27001, NIST etc).
+ Act as a liaison between Information Security and Sandisk teams in Penang to ensure alignment of cybersecurity policies with operational and manufacturing requirements.
+ Perform technical and business process risk assessment activities to identify, evaluate, and prioritize information security risks across the organization, including threats, vulnerabilities, and potential impacts to information and technology assets.
+ Develop and drive implementation of effective technical and non-technical risk management strategies to mitigate identified risks, ensuring alignment with industry best practices and regulatory requirements.
+ Collaborate across the organization to ensure the integration of risk management practices into organizational processes and projects.
+ Analyze security data to identify trends, vulnerabilities, and areas for improvement.
+ Collaborate with internal and external auditors to facilitate security audits and assessments.
+ Stay current with industry trends, emerging threats, and best practices for information security and risk management.
+ Provide guidance and support in developing and maintaining information security policies, standards, and procedures.
**Qualifications**
REQUIRED:
+ Bachelor's degree in Information Security, Computer Science, or equivalent work experience.
+ 4+ years of experience in information security, including risk management, risk assessments, reporting, and metrics analysis, and hands-on with at least one of the following: security engineering, network security, identity and access management, security operations, and/or software development security.
+ 2+ years of experience in technical roles, or similar technical proficiency are highly desirable.
PREFERRED:
+ Strong leadership, communication, and stakeholder management skills with the ability to bridge technical InfoSec requirements and operational priorities across factory and office environments
+ Excellent analytical and problem-solving skills with attention to detail
+ Ability to work independently and collaboratively in a fast-paced environment
+ Proficiency in risk assessments, vulnerability assessments, and compliance audits
+ Strong understanding of information security frameworks, standards, and best practices (e.g., ISO 27001, NIST, GDPR)
+ Relevant certifications such as CISSP, CISM, CRISC, GSNA or similar are desirable
+ Technical certifications such as GCIH, GPEN, CEH, OSCP or similar are desirable
**Additional Information**
Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.
Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at ( ) to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.
**NOTICE TO CANDIDATES:** Sandisk has received reports of scams where a payment is requested on Sandisk's behalf as a condition for receiving an offer of employment. Please be aware that Sandisk and its subsidiaries will never request payment as a condition for applying for a position or receiving an offer of employment. Should you encounter any such requests, please report it immediately to Sandisk Ethics Helpline ( or email
Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today's needs and tomorrow's next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we're living in and that we have the power to shape.
Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality.
Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward.
**Job Description**
As Information Security Analyst 4, you will be critical in advancing Sandisk's information security Governance, Risk Management, and Compliance (GRC) program. You will develop and implement global, company-wide information security risk management frameworks, policies, and procedures. You will manage and assess information security risks and develop robust risk management strategies in partnership with global operations and manufacturing teams. You will collaborate with guidance and analysis to enhance our information security posture and ensure compliance with industry standards and regulations.
**ESSENTIAL DUTIES AND RESPONSIBILITIES:**
+ Implement global enterprise-wide risk management frameworks that aligns with industry standards (e.g. ISO27001, NIST etc).
+ Act as a liaison between Information Security and Sandisk teams in Penang to ensure alignment of cybersecurity policies with operational and manufacturing requirements.
+ Perform technical and business process risk assessment activities to identify, evaluate, and prioritize information security risks across the organization, including threats, vulnerabilities, and potential impacts to information and technology assets.
+ Develop and drive implementation of effective technical and non-technical risk management strategies to mitigate identified risks, ensuring alignment with industry best practices and regulatory requirements.
+ Collaborate across the organization to ensure the integration of risk management practices into organizational processes and projects.
+ Analyze security data to identify trends, vulnerabilities, and areas for improvement.
+ Collaborate with internal and external auditors to facilitate security audits and assessments.
+ Stay current with industry trends, emerging threats, and best practices for information security and risk management.
+ Provide guidance and support in developing and maintaining information security policies, standards, and procedures.
**Qualifications**
REQUIRED:
+ Bachelor's degree in Information Security, Computer Science, or equivalent work experience.
+ 4+ years of experience in information security, including risk management, risk assessments, reporting, and metrics analysis, and hands-on with at least one of the following: security engineering, network security, identity and access management, security operations, and/or software development security.
+ 2+ years of experience in technical roles, or similar technical proficiency are highly desirable.
PREFERRED:
+ Strong leadership, communication, and stakeholder management skills with the ability to bridge technical InfoSec requirements and operational priorities across factory and office environments
+ Excellent analytical and problem-solving skills with attention to detail
+ Ability to work independently and collaboratively in a fast-paced environment
+ Proficiency in risk assessments, vulnerability assessments, and compliance audits
+ Strong understanding of information security frameworks, standards, and best practices (e.g., ISO 27001, NIST, GDPR)
+ Relevant certifications such as CISSP, CISM, CRISC, GSNA or similar are desirable
+ Technical certifications such as GCIH, GPEN, CEH, OSCP or similar are desirable
**Additional Information**
Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.
Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at ( ) to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.
**NOTICE TO CANDIDATES:** Sandisk has received reports of scams where a payment is requested on Sandisk's behalf as a condition for receiving an offer of employment. Please be aware that Sandisk and its subsidiaries will never request payment as a condition for applying for a position or receiving an offer of employment. Should you encounter any such requests, please report it immediately to Sandisk Ethics Helpline ( or email
Is this job a match or a miss?
This advertiser has chosen not to accept applicants from your region.
Be The First To Know
About the latest Security engineer Jobs in Malaysia !
6
Analyst 4, IT Security
SanDisk
Posted 13 days ago
Job Viewed
Job Description
**Company Description**
Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today's needs and tomorrow's next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we're living in and that we have the power to shape.
Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality.
Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward.
**Job Description**
As an Information Security Analyst 4, you will play a pivotal role in advancing Sandisk's Information Security Governance, Risk Management, and Compliance (GRC) program. You will be a key contributor to the Responsible GenAI Program, leading security risk assessments, collaborating with cross-functional teams, and helping operationalize governance processes. You will work closely with business stakeholders, Legal, IT, and Information Security to ensure GenAI use cases are evaluated, de-risked, and aligned with Western Digital's security and compliance standards. Additionally, you will support the development, enhancement, and implementation of enterprise-wide information security risk management frameworks, policies, and procedures aligned with industry standards, regulatory requirements, and organizational objectives. Your expertise will help strengthen our security posture and ensure compliance across the organization.
**ESSENTIAL DUTIES AND RESPONSIBILITIES:**
As Responsible GenAI Program Operator and Assessor :
+ Operate and manage the Responsible GenAI program, overseeing intake, coordination, and tracking of GenAI use cases, platforms, and vendors.
+ Conduct GenAI risk assessments focused on data sensitivity, access controls, model interfaces, and memory sources, recommending mitigation strategies for high-risk use cases.
+ Ensure compliance with legal and regulatory standards by collaborating with Legal and procurement SMEs on privacy, licensing, and governance requirements.
+ Integrate GenAI risk practices into procurement, vendor management, and IT risk workflows to strengthen enterprise-wide governance.
+ Support policy development and continuous improvement, contributing to GenAI governance documentation and Enablement Committee reviews for high-risk or pilot use cases.
As GRC Security Analyst :
+ Implement enterprise-wide risk management frameworks aligned with ISO 27001, NIST CSF 2.0, and other industry standards.
+ Conduct technical and business process risk assessments to identify, evaluate, and mitigate information security risks.
+ Collaborate cross-functionally to embed risk management into organizational processes, projects, and compliance initiatives.
+ Support audits and reporting by generating risk metrics and assisting with internal and external security assessments.
**Qualifications**
REQUIRED:
+ Bachelor's degree in Information Security, Computer Science, or a related field, with 4+ years of experience in Information Security, focusing on GRC or risk management.
+ Expertise in risk assessments across technical and business processes, including working knowledge of SANS, OWASP, and CSA AI security frameworks.
+ Familiarity with GenAI technologies and risks, including prompt injection and data leakage, and understanding of responsible AI principles.
+ Knowledge of AI governance standards, including ISO 42001/42005 and NIST AI RMF; 2+ years of experience with AI technologies and technical roles is highly desirable.
PREFERRED:
+ Security/GRC: CISSP, CISM, CRISC, GSNA (or equivalent)
+ Technical: GCIH, GPEN, CEH, OSCP (or equivalent)
+ Experience supporting AI/ML or GenAI programs in a governance or security role is highly desirable
SKILLS:
+ Strong communication and stakeholder engagement skills, with the ability to thrive in fast-paced, cross-functional environments.
**Additional Information**
Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.
Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at ( ) to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.
**NOTICE TO CANDIDATES:** Sandisk has received reports of scams where a payment is requested on Sandisk's behalf as a condition for receiving an offer of employment. Please be aware that Sandisk and its subsidiaries will never request payment as a condition for applying for a position or receiving an offer of employment. Should you encounter any such requests, please report it immediately to Sandisk Ethics Helpline ( or email
Sandisk understands how people and businesses consume data and we relentlessly innovate to deliver solutions that enable today's needs and tomorrow's next big ideas. With a rich history of groundbreaking innovations in Flash and advanced memory technologies, our solutions have become the beating heart of the digital world we're living in and that we have the power to shape.
Sandisk meets people and businesses at the intersection of their aspirations and the moment, enabling them to keep moving and pushing possibility forward. We do this through the balance of our powerhouse manufacturing capabilities and our industry-leading portfolio of products that are recognized globally for innovation, performance and quality.
Sandisk has two facilities recognized by the World Economic Forum as part of the Global Lighthouse Network for advanced 4IR innovations. These facilities were also recognized as Sustainability Lighthouses for breakthroughs in efficient operations. With our global reach, we ensure the global supply chain has access to the Flash memory it needs to keep our world moving forward.
**Job Description**
As an Information Security Analyst 4, you will play a pivotal role in advancing Sandisk's Information Security Governance, Risk Management, and Compliance (GRC) program. You will be a key contributor to the Responsible GenAI Program, leading security risk assessments, collaborating with cross-functional teams, and helping operationalize governance processes. You will work closely with business stakeholders, Legal, IT, and Information Security to ensure GenAI use cases are evaluated, de-risked, and aligned with Western Digital's security and compliance standards. Additionally, you will support the development, enhancement, and implementation of enterprise-wide information security risk management frameworks, policies, and procedures aligned with industry standards, regulatory requirements, and organizational objectives. Your expertise will help strengthen our security posture and ensure compliance across the organization.
**ESSENTIAL DUTIES AND RESPONSIBILITIES:**
As Responsible GenAI Program Operator and Assessor :
+ Operate and manage the Responsible GenAI program, overseeing intake, coordination, and tracking of GenAI use cases, platforms, and vendors.
+ Conduct GenAI risk assessments focused on data sensitivity, access controls, model interfaces, and memory sources, recommending mitigation strategies for high-risk use cases.
+ Ensure compliance with legal and regulatory standards by collaborating with Legal and procurement SMEs on privacy, licensing, and governance requirements.
+ Integrate GenAI risk practices into procurement, vendor management, and IT risk workflows to strengthen enterprise-wide governance.
+ Support policy development and continuous improvement, contributing to GenAI governance documentation and Enablement Committee reviews for high-risk or pilot use cases.
As GRC Security Analyst :
+ Implement enterprise-wide risk management frameworks aligned with ISO 27001, NIST CSF 2.0, and other industry standards.
+ Conduct technical and business process risk assessments to identify, evaluate, and mitigate information security risks.
+ Collaborate cross-functionally to embed risk management into organizational processes, projects, and compliance initiatives.
+ Support audits and reporting by generating risk metrics and assisting with internal and external security assessments.
**Qualifications**
REQUIRED:
+ Bachelor's degree in Information Security, Computer Science, or a related field, with 4+ years of experience in Information Security, focusing on GRC or risk management.
+ Expertise in risk assessments across technical and business processes, including working knowledge of SANS, OWASP, and CSA AI security frameworks.
+ Familiarity with GenAI technologies and risks, including prompt injection and data leakage, and understanding of responsible AI principles.
+ Knowledge of AI governance standards, including ISO 42001/42005 and NIST AI RMF; 2+ years of experience with AI technologies and technical roles is highly desirable.
PREFERRED:
+ Security/GRC: CISSP, CISM, CRISC, GSNA (or equivalent)
+ Technical: GCIH, GPEN, CEH, OSCP (or equivalent)
+ Experience supporting AI/ML or GenAI programs in a governance or security role is highly desirable
SKILLS:
+ Strong communication and stakeholder engagement skills, with the ability to thrive in fast-paced, cross-functional environments.
**Additional Information**
Sandisk thrives on the power and potential of diversity. As a global company, we believe the most effective way to embrace the diversity of our customers and communities is to mirror it from within. We believe the fusion of various perspectives results in the best outcomes for our employees, our company, our customers, and the world around us. We are committed to an inclusive environment where every individual can thrive through a sense of belonging, respect and contribution.
Sandisk is committed to offering opportunities to applicants with disabilities and ensuring all candidates can successfully navigate our careers website and our hiring process. Please contact us at ( ) to advise us of your accommodation request. In your email, please include a description of the specific accommodation you are requesting as well as the job title and requisition number of the position for which you are applying.
**NOTICE TO CANDIDATES:** Sandisk has received reports of scams where a payment is requested on Sandisk's behalf as a condition for receiving an offer of employment. Please be aware that Sandisk and its subsidiaries will never request payment as a condition for applying for a position or receiving an offer of employment. Should you encounter any such requests, please report it immediately to Sandisk Ethics Helpline ( or email
Is this job a match or a miss?
This advertiser has chosen not to accept applicants from your region.
7