What Jobs are available for Security Policy Development in Malaysia?
Showing 2 Security Policy Development jobs in Malaysia
Information Security Advisor
Perai
AUMOVIO
Posted 1 day ago
Job Viewed
Job Description
**Company Description**
Since its spin-off in September 2025 AUMOVIO continues the business of the former Continental group sector Automotive as an independent company. The technology and electronics company offers a wide-ranging portfolio that makes mobility safe, exciting, connected, and autonomous. This includes sensor solutions, displays, braking and comfort systems as well as comprehensive expertise in software, architecture platforms, and assistance systems for software-defined vehicles. In the fiscal year 2024 the business areas, which now belong to AUMOVIO, generated sales of 19.6 billion Euro. The company is headquartered in Frankfurt, Germany and has about 87.000 employees in more than 100 locations worldwide.
**Job Description**
**OVERVIEW**
The Local Information Security Advisor (ISA) has the task to establish and drive Information Security (InfoSec) according to all relevant policies and guidelines on behalf of the InfoSec Officer (ISO) and the Regional InfoSec Manager (ISM).
By that the ISA has an essential role in the Information Security Management System (ISMS).
The Location Management commits itself to the InfoSec guidelines and targets and actively supports the InfoSec organization by appointing a ISA.
**The ISA:**
+ Works in close cooperation with all relevant local departments as well as with the Regional Security Manager (ISM).
+ Participates regularly in local management meetings.
+ Participates annually in a regional InfoSec Workshop organized by the ISM.
+ Supports all related local projects in order to ensure InfoSec conformity.
+ In the event of substantial deficiencies or severe incidents endangering the security of company information, the ISA must inform and escalate accordingly to relevant policies.
**Responsibilities on local level:**
Support responsible management in the appointed location(s):
+ Drive and monitor the implementation and usage of the existing ISMS (Information Security Management System) according to policies and guidelines as well as to business and customer requirements (e.g. ISO 27001, 8th European Directive, BSI).
+ Conduct and ensure regular trainings, provision of information and advice of all employees, managers and third parties.
+ Drive the appropriate classification of company proprietary information and adequate handling.
+ Conduct or support risk management activities (i.e. risk assessments, business impact analysis).
+ Monitor the development and maintenance of local emergency- and contingency plans.
+ Advise in all local aspects of identity- and authorization management.
+ Drive secure collaboration and integration of business partners.
+ Drive, track, and report detection and remediation of vulnerabilities.
+ Monitor and control the effectiveness of InfoSec projects and implemented measures.
+ Drive usage of InfoSec processes and tools including documentation.
+ Monitor execution of InfoSec reviews and conduct local inspections regularly.
+ Execute actions and projects agreed on with the location management and ISM.
+ Keep location informed about InfoSec regulations, warnings and news on current/new incidents.
**Qualifications**
+ Degree in computer science or information system or Cyber Security or other relevant degree with minimum 2 years' experience in related field.
+ General knowledge about InfoSec related standards, processes and tools.
+ Good knowledge of internal organization and local business and processes.
+ Good knowledge of the local infrastructure- and application landscape.
+ Basic knowledge of InfoSec rules and related laws.
+ Ability to motivate others and raise awareness for InfoSec related risks and threats.
+ Ability to balance potential risks and costs of protective measures.
+ Training user on new or improved business processes.
+ Experience in IT and Cyber/Info Security in manufacturing environment will be added advantage.
+ Interest in new technologies and willingness to learn.
**Additional Information**
Ready to take your career to the next level? The future of mobility isn't just anyone's job. Make it yours! **Join AUMOVIO. Own What's Next.**
Since its spin-off in September 2025 AUMOVIO continues the business of the former Continental group sector Automotive as an independent company. The technology and electronics company offers a wide-ranging portfolio that makes mobility safe, exciting, connected, and autonomous. This includes sensor solutions, displays, braking and comfort systems as well as comprehensive expertise in software, architecture platforms, and assistance systems for software-defined vehicles. In the fiscal year 2024 the business areas, which now belong to AUMOVIO, generated sales of 19.6 billion Euro. The company is headquartered in Frankfurt, Germany and has about 87.000 employees in more than 100 locations worldwide.
**Job Description**
**OVERVIEW**
The Local Information Security Advisor (ISA) has the task to establish and drive Information Security (InfoSec) according to all relevant policies and guidelines on behalf of the InfoSec Officer (ISO) and the Regional InfoSec Manager (ISM).
By that the ISA has an essential role in the Information Security Management System (ISMS).
The Location Management commits itself to the InfoSec guidelines and targets and actively supports the InfoSec organization by appointing a ISA.
**The ISA:**
+ Works in close cooperation with all relevant local departments as well as with the Regional Security Manager (ISM).
+ Participates regularly in local management meetings.
+ Participates annually in a regional InfoSec Workshop organized by the ISM.
+ Supports all related local projects in order to ensure InfoSec conformity.
+ In the event of substantial deficiencies or severe incidents endangering the security of company information, the ISA must inform and escalate accordingly to relevant policies.
**Responsibilities on local level:**
Support responsible management in the appointed location(s):
+ Drive and monitor the implementation and usage of the existing ISMS (Information Security Management System) according to policies and guidelines as well as to business and customer requirements (e.g. ISO 27001, 8th European Directive, BSI).
+ Conduct and ensure regular trainings, provision of information and advice of all employees, managers and third parties.
+ Drive the appropriate classification of company proprietary information and adequate handling.
+ Conduct or support risk management activities (i.e. risk assessments, business impact analysis).
+ Monitor the development and maintenance of local emergency- and contingency plans.
+ Advise in all local aspects of identity- and authorization management.
+ Drive secure collaboration and integration of business partners.
+ Drive, track, and report detection and remediation of vulnerabilities.
+ Monitor and control the effectiveness of InfoSec projects and implemented measures.
+ Drive usage of InfoSec processes and tools including documentation.
+ Monitor execution of InfoSec reviews and conduct local inspections regularly.
+ Execute actions and projects agreed on with the location management and ISM.
+ Keep location informed about InfoSec regulations, warnings and news on current/new incidents.
**Qualifications**
+ Degree in computer science or information system or Cyber Security or other relevant degree with minimum 2 years' experience in related field.
+ General knowledge about InfoSec related standards, processes and tools.
+ Good knowledge of internal organization and local business and processes.
+ Good knowledge of the local infrastructure- and application landscape.
+ Basic knowledge of InfoSec rules and related laws.
+ Ability to motivate others and raise awareness for InfoSec related risks and threats.
+ Ability to balance potential risks and costs of protective measures.
+ Training user on new or improved business processes.
+ Experience in IT and Cyber/Info Security in manufacturing environment will be added advantage.
+ Interest in new technologies and willingness to learn.
**Additional Information**
Ready to take your career to the next level? The future of mobility isn't just anyone's job. Make it yours! **Join AUMOVIO. Own What's Next.**
Is this job a match or a miss?
This advertiser has chosen not to accept applicants from your region.
0
Senior Information Security Incident Response Lead
Petaling Jaya, Selangor
NTT America, Inc.
Posted 14 days ago
Job Viewed
Job Description
**Make an impact with NTT DATA**
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Key Responsibilities:**
+ Lead and manage complex security incidents, acting as a key contact for stakeholders.
+ Perform deep analysis of security alerts to identify, mitigate, and remediate threats.
+ Conduct forensic investigations on compromised hosts, networks, and cloud environments.
+ Proactively hunt for adversarial activity and anomalous behaviors across large datasets.
+ Analyze malware samples (basic level) to determine functionality, impact, and mitigation strategies.
+ Develop and refine detection rules, improving alert fidelity and response workflows.
+ Contribute to threat intelligence gathering, analyzing attack patterns, and enhancing defensive strategies.
+ Participate in red teaming or penetration testing activities to identify and remediate vulnerabilities.
+ Provide strategic recommendations for improving the organization's security posture.
+ Create detailed incident reports, threat intelligence assessments, and executive summaries.
+ Mentor and provide guidance to junior analysts, fostering continuous improvement in IR methodologies.
**Knowledge and Attributes:**
+ Ability to communicate and work across different cultures and social groups.
+ Ability to plan activities and projects well in advance, and takes into account possible changing circumstances.
+ Ability to maintain a positive outlook at work.
+ Ability to work well in a pressurized environment.
+ Ability to work hard and put in longer hours when it is necessary.
+ Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting.
+ Ability to adapt to changing circumstances.
+ Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey.
**Academic Qualifications and Certifications:**
+ Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
+ Minimum of 5 years of experience in cybersecurity, with at least 2 years in incident response, threat hunting, or forensic analysis.
**Required experience:**
+ Extensive experience responding to targeted attacks from APT groups, cybercriminals, and nation-state actors.
+ Strong forensic analysis skills across Windows, Linux, and macOS systems.
+ Expertise in network forensics, traffic analysis, and packet inspection (Wireshark, Zeek).
+ Proficiency in SIEM platforms (Splunk, Sentinel, QRadar) and EDR solutions (CrowdStrike, Microsoft Defender ATP).
+ Knowledge of malware analysis techniques, including static and dynamic analysis.
+ Familiarity with cloud security investigations (AWS, Azure, GCP).
+ Strong scripting skills in Python, PowerShell, or similar languages for automation.
+ Understanding of security architecture, authentication mechanisms, and enterprise IT operations is a plus.
+ Experience with vulnerability management, red teaming, or penetration testing is a plus.
+ Familiarity with MITRE ATT&CK framework and various cyber threat intelligence methodologies.
**Preferred Certifications:**
+ GIAC (GCFA, GNFA, GCIH, GCIA, GREM)
+ CISSP (Certified Information Systems Security Professional)
+ CEH (Certified Ethical Hacker)
+ OSCP (Offensive Security Certified Professional)
+ Cloud Security Certifications (AWS Security Specialty, Microsoft Azure Security)
**Key Competencies:**
+ Strong analytical and problem-solving skills in high-pressure situations.
+ Ability to manage multiple investigations efficiently while meeting deadlines.
+ Excellent verbal and written communication skills, with the ability to convey technical details to varied audiences.
+ Strong team collaboration and leadership skills, with a proactive approach to knowledge sharing.
+ Ability to work in a fast-paced environment and adapt to evolving threats and challenges.
#LI-APAC
**Workplace type** **:**
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion - it's a place where you can grow, belong and thrive.
**Key Responsibilities:**
+ Lead and manage complex security incidents, acting as a key contact for stakeholders.
+ Perform deep analysis of security alerts to identify, mitigate, and remediate threats.
+ Conduct forensic investigations on compromised hosts, networks, and cloud environments.
+ Proactively hunt for adversarial activity and anomalous behaviors across large datasets.
+ Analyze malware samples (basic level) to determine functionality, impact, and mitigation strategies.
+ Develop and refine detection rules, improving alert fidelity and response workflows.
+ Contribute to threat intelligence gathering, analyzing attack patterns, and enhancing defensive strategies.
+ Participate in red teaming or penetration testing activities to identify and remediate vulnerabilities.
+ Provide strategic recommendations for improving the organization's security posture.
+ Create detailed incident reports, threat intelligence assessments, and executive summaries.
+ Mentor and provide guidance to junior analysts, fostering continuous improvement in IR methodologies.
**Knowledge and Attributes:**
+ Ability to communicate and work across different cultures and social groups.
+ Ability to plan activities and projects well in advance, and takes into account possible changing circumstances.
+ Ability to maintain a positive outlook at work.
+ Ability to work well in a pressurized environment.
+ Ability to work hard and put in longer hours when it is necessary.
+ Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting.
+ Ability to adapt to changing circumstances.
+ Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey.
**Academic Qualifications and Certifications:**
+ Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
+ Minimum of 5 years of experience in cybersecurity, with at least 2 years in incident response, threat hunting, or forensic analysis.
**Required experience:**
+ Extensive experience responding to targeted attacks from APT groups, cybercriminals, and nation-state actors.
+ Strong forensic analysis skills across Windows, Linux, and macOS systems.
+ Expertise in network forensics, traffic analysis, and packet inspection (Wireshark, Zeek).
+ Proficiency in SIEM platforms (Splunk, Sentinel, QRadar) and EDR solutions (CrowdStrike, Microsoft Defender ATP).
+ Knowledge of malware analysis techniques, including static and dynamic analysis.
+ Familiarity with cloud security investigations (AWS, Azure, GCP).
+ Strong scripting skills in Python, PowerShell, or similar languages for automation.
+ Understanding of security architecture, authentication mechanisms, and enterprise IT operations is a plus.
+ Experience with vulnerability management, red teaming, or penetration testing is a plus.
+ Familiarity with MITRE ATT&CK framework and various cyber threat intelligence methodologies.
**Preferred Certifications:**
+ GIAC (GCFA, GNFA, GCIH, GCIA, GREM)
+ CISSP (Certified Information Systems Security Professional)
+ CEH (Certified Ethical Hacker)
+ OSCP (Offensive Security Certified Professional)
+ Cloud Security Certifications (AWS Security Specialty, Microsoft Azure Security)
**Key Competencies:**
+ Strong analytical and problem-solving skills in high-pressure situations.
+ Ability to manage multiple investigations efficiently while meeting deadlines.
+ Excellent verbal and written communication skills, with the ability to convey technical details to varied audiences.
+ Strong team collaboration and leadership skills, with a proactive approach to knowledge sharing.
+ Ability to work in a fast-paced environment and adapt to evolving threats and challenges.
#LI-APAC
**Workplace type** **:**
**About NTT DATA**
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.
**Equal Opportunity Employer**
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Is this job a match or a miss?
This advertiser has chosen not to accept applicants from your region.
Be The First To Know
About the latest Security policy development Jobs in Malaysia !
1