246 Security Systems jobs in Malaysia

Company Description
About Grab and Our Workplace
Grab is Southeast Asia's leading superapp. From getting your favourite meals delivered to helping you manage your finances and getting around town hassle-free, we've got your back with everything. In Grab, purpose gives us joy and habits build excellence, while harnessing the power of Technology and AI to deliver the mission of driving Southeast Asia forward by economically empowering everyone, with heart, hunger, honour, and humility.

Job Description
Get to Know the Team
At Grabber Technology Solutions (GTS), we revolutionise the technology experience for every Grabber. Our mission is to empower our team with seamless and innovative solutions that enhance their daily work. We are a diverse group of forward-thinkers committed to creating personalised IT experiences. If you're passionate about customer-centric innovation and eager to make a significant impact on technology at Grab, come join us and help shape the future of technology.

Get to Know the Role
As a Security Systems Engineer, you will design, implement, and maintain Grab's physical security systems across offices in the region. This includes managing projects for CCTV, access control, and intrusion detection systems, as well as ensuring system reliability and compliance with regulatory and internal standards.

You will work closely with Grab CREST (Corporate Real Estate and Security Team) and Cybersecurity team, and external vendors to support Grab's rapid growth and physical infrastructure needs.

This role is onsite and based in Malaysia.

Key Responsibilities

• Lead implementation of physical security systems during new site builds, retrofits, and expansions.
• Prepare and review security design documentation: device layouts, wiring diagrams, bill of materials (BOM), and as-built drawings.
• Coordinate with vendors, integrators, and project managers on schedules, installations, and commissioning activities.
• Conduct testing, configuration, and quality assurance checks of installed systems.
• Perform preventive and corrective maintenance to ensure continuous system uptime.
• Maintain site documentation, including change records and maintenance logs.
• Provide technical support and troubleshooting for system issues.
• Conduct physical site risk assessments with Corporate Security Teams onsite and support mitigation design.
• Ensure all work complies with Grab security standards and local regulatory requirements.

Qualifications

• More than 5 years of hands-on experience working with physical security systems such as access control, CCTV, VMS, ISMS, CACB, and related technologies
• Basic to intermediate understanding of IP networking (switching, PoE, subnetting).
• Ability to read technical drawings, network diagrams, and floor plans.
• Experience coordinating with contractors or vendors on physical installations.
• Strong documentation and organizational skills.
• Willingness to travel regionally

• Preferred Qualifications (not mandatory):

• Experience with scripting languages (e.g., Python, PowerShell, Bash) for automation or system integration.

• Exposure to AI/ML tools or video analytics for threat detection or incident filtering.
• Vendor certifications (e.g., Genetec, Gallagher, Axis).
• Project management experience or certifications (e.g., PMP).
• Physical Security Professional (PSP) or equivalent certification

Additional Information
Life at Grab
We care about your well-being at Grab, here are some of the global benefits we offer:

• We have your back with Term Life Insurance and comprehensive Medical Insurance.
• With GrabFlex, create a benefits package that suits your needs and aspirations.
• Celebrate moments that matter in life with loved ones through Parental and Birthday leave, and give back to your communities through Love-all-Serve-all (LASA) volunteering leave
• We have a confidential Grabber Assistance Programme to guide and uplift you and your loved ones through life's challenges.
• Balancing personal commitments and life's demands are made easier with our FlexWork arrangements such as differentiated hours

What We Stand For At Grab
We are committed to building an inclusive and equitable workplace that enables diverse Grabbers to grow and perform at their best. As an equal opportunity employer, we consider all candidates fairly and equally regardless of nationality, ethnicity, religion, age, gender identity, sexual orientation, family commitments, physical and mental impairments or disabilities, and other attributes that make them unique.

We are looking for a highly motivated and experienced Information Security & Cloud Compliance Specialist to lead our organization's journey towards ISO/IEC 27001 certification and strengthen our overall cloud and internal IT security posture. This role will be pivotal in building and maintaining our Information Security Management System (ISMS), managing IT asset governance, and addressing client security compliance requirements.

You will also be responsible for guiding and supervising a junior executive, who will support the implementation and daily management of our internal controls.

Key Responsibilities

1. ISO/IEC 27001 Implementation & Governance

2. Lead the planning and execution of ISO/IEC 27001 implementation across the organization

3. Conduct risk assessments, gap analyses, and drive remediation efforts
4. Develop and maintain ISMS policies, procedures, and documentation
5. Coordinate with internal teams to implement and monitor security controls

6. Prepare for internal audits and manage external certification activities

7. Cloud Security & Governance

8. Define and implement security controls across cloud platforms (e.g., Alibaba Cloud, Google Cloud Platform)

9. Perform cloud configuration reviews, identity and access management checks, and vulnerability assessments
10. Work with DevOps/Infra teams to enforce secure cloud deployment practices
11. Monitor cloud environments for potential threats and respond to security incidents

3.
Internal IT & Asset Security

• Establish and maintain an IT asset inventory (hardware, software, digital assets) in line with ISO 27001 controls
• Define policies for asset ownership, classification, labelling, and acceptable use
• Ensure internal systems such as Active Directory are securely configured and maintained

• Collaborate with internal IT support to implement and monitor endpoint and network security

• Client Security Compliance & Support

• Act as the primary point of contact for client security reviews and due diligence requests

• Respond to RFPs, vendor security questionnaires, and client audits
• Provide documentation and assurance aligned with ISO 27001, PDPA, and other industry frameworks

5. Security Monitoring & Incident Response

• Develop and maintain incident response plans, including investigation, reporting, and corrective actions
• Monitor security events and coordinate incident response activities with internal teams

• Maintain security logs, reports, and metrics for audits and continual improvement

• Team Leadership

• Supervise and mentor a junior executive supporting policy enforcement, documentation, and control tracking

• Assign and review tasks to ensure quality and timeliness of ISMS initiatives
• Promote a culture of security awareness across the organization

Qualifications

• Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related discipline
• At least 3 years of hands-on experience in IT security, cloud security, or compliance-related roles
• Proven experience in ISO/IEC 27001 implementation or audits
• Familiarity with cloud security practices on platforms like Alibaba Cloud or GCP
• Knowledge of IT asset management processes and internal IT control frameworks
• Good understanding of Malaysian regulations such as PDPA and industry data protection standards
• Excellent interpersonal and communication skills; able to work across business and technical teams
• Able to work independently and take initiative in a fast-paced environment

Bonus

• Certification in
  ISO 27001 Lead Implementer
  ,
  CompTIA Security+
  ,
  CISSP
  , or
  Cloud Security Certifications
• Experience with
  SIEM tools
  ,
  cloud monitoring
  , or
  security automation
• Familiarity with IT service management tools (e.g., Jira, ServiceNow)
• Basic scripting/automation knowledge (e.g., Python, Bash)

Information Security Specialist (Business Information Security)

bp Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia

To enable the world to reach net zero, bp are looking for the brightest digital specialists to drive innovation as it transitions from an International Oil Company (IOC) to an International Energy Company (IEC).

• Security Assessments: conduct comprehensive assessments of systems, identifying risks and issues while recommending remediation measures.
• Technical & Non-Technical Risk Advisory: assess and communicate cybersecurity risks and mitigation strategies clearly to stakeholders.
• Cyber Behaviour Promotion: help develop and promote positive cyber security behaviours in day-to-day operations.
• Incident Management Support: provide specialist security expertise during security incidents, supporting response activities and improvement recommendations.
• Customer Support: act as the go-to point of contact for information security, delivering timely expertise on security matters affecting systems or data.
• Assess and Evaluate: perform regular security assessments of business systems using established methodologies to identify risks, weaknesses, and gaps.
• Respond and Advise: offer practical, tailored cyber security solutions aligned with operational requirements.
• Analyze and Report: evaluate risks and prepare clear, actionable recommendations for both business and technical audiences.
• Support and Collaborate: work with business teams to implement security measures while balancing operational needs.
• Promote and Educate: drive awareness through targeted activities, training support, and expert guidance.
• Monitor and Review: stay ahead of emerging threats and align with industry-standard methodologies.

• Bachelor's degree or equivalent experience in Information or Cyber Security, Computer Science, or Engineering.
• Working towards professional certifications such as CISM, CRISC, CISSP, or CompTIA Security+.
• Knowledge of security frameworks such as ISO 27001/27002, NIST, and CIS.
• Previous experience in information security roles in Finance, HR, Trading, Retail, Supply or Oil and Gas sectors.
• Ability to explain security concepts to a variety of audiences.
• Solid grasp of cyber risk assessment methodologies and translating technical findings into business impact.
• Attention to detail and ability to work independently while balancing multiple activities.
• Ability to adapt security recommendations to different operating environments.
• Ability to use technology, data, and insights to enable decision making.

bp is a global energy business with a purpose to reimagine energy for people and our planet. We aim to be a very different kind of energy company by 2030, helping the world reach net zero and improving people’s lives. We are committed to creating a diverse and inclusive environment where everyone can grow and succeed. Join bp and become part of the team building our future!

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Travel Requirement: No travel is expected with this role.

Relocation Assistance: This role is not eligible for relocation.

Remote Type: This position is a hybrid of office/remote working.

• Seniority level: Associate
• Employment type: Full-time
• Job function: Information Technology
• Industries: Oil and Gas

WHAT YOU’LL CHAMPION: SOC Leadership & Strategy

• Lead day-to-day SOC operations, ensuring timely detection, analysis, and response to security threats.
• Mentor and develop SOC analysts, fostering a high-performance detection and response culture.
• Drive continuous improvement of SOC processes, playbooks, and threat detection coverage.

• Own and enhance SIEM use cases, correlation rules, dashboards, and threat detection logic.
• Perform log analysis, threat hunting, and tuning of alerts to reduce false positives.
• Integrate new data sources into SIEM and EDR platforms to improve visibility.

• Lead major incident investigations, coordinating containment, eradication, and recovery efforts.
• Serve as an escalation point for complex security events and provide technical guidance to analysts.
• Collaborate with Legal, Risk, IT, and Communications teams during critical incidents.

• Design and implement SOAR workflows and automation scripts to accelerate incident handling.
• Identify opportunities for automation across detection, triage, and response activities.
• Maintain and optimize integrations between SOC tools, ticketing, and reporting platforms.

• Apply threat intel to improve detection coverage and proactively hunt for adversary activity.
• Stay updated on emerging threats, TTPs, and vulnerabilities to inform SOC defense strategy.
• Presentation to upper management on cybersecurity operations security metrics, trends, and incidents.

• 10 years of experience in Cybersecurity with a deep understanding of cybersecurity technologies, including SIEM, SOAR, EDR, WAF, IAM, and network security.
• Bachelor's degree in computer science, information security, or a related field.
• Proven ability to lead and motivate teams, build strong relationships, and influence decision-making at all levels.
• Hands on experience when it comes to SIEM, Detection Engineering, and Incident Response.
• Strong analytical and problem-solving skills to identify and resolve complex security issues.
• Excellent written and verbal communication skills, including the ability to communicate technical concepts to non-technical audiences.
• Proven ability to handle high-pressure situations and make critical decisions under time constraints.
• (Optional) Relevant security certifications.

Dispatcher to captain, ramp agent to data analyst, brand executive to CEO - these are some Dare To Dream stories of our Allstars.

• Physical Wellbeing: Key medical and insurance benefits, maternity expenses, flexible work arrangement, and health and fitness amenities.
• Emotional Wellbeing: Paid time off, wellness programmes, and childcare amenities.
• Financial Wellbeing: Resources relating to financial, personal skills and career growth programmes.
• Allstars Specials: Unlimited discounted flights, and exclusive discounts with partners.
• A unique Allstar culture like no other

• Application received
• Candidate screening
• Interview(s) and assessment(s)
• Background check and/or other assessments
• Offer and negotiation

Recruitment Researcher - Legal & IT Recruitment at eLawyer Recruitment

We operate primarily in a Linux-based environment, so a strong foundation in Linux security is essential.

If you're a security-minded professional who loves staying ahead of cyber threats, designing secure systems, and creating awareness across an organisation, we want to hear from you.

List of Responsibilities:

• Ongoing leadership and review of IT security. Ensure the alignment of cyber security and business objectives within the company.
• Implementing and designing cyber security policies, procedures and system solutions in line with industry standards and certifications
• Take ownership of ISO 27001 implementation, compliance, and continual improvement
• Operate, conduct, and maintain company’s SIEM platform (Wazuh) and conduct regular security audits of systems, policies, procedures, network configuration, operating systems, authentication systems, permission structures
• Own and manage the patching and vulnerability scanning process, including the use of tools such as OpenVAS or Nessus (preferred)
• Serve as the company point person for third-party security audit(s)
• Provide pre-sales security briefings / Q&A to company HPC Cloud customer security teams
• Work with company HPC Cloud customers and company teams on security integration
• Provide strategic-level guidance for company’s cyber security program and ensure compliance with cyber security policy, standards, regulations and legislation, working with the senior executives within the company
• Contribute to the development and maintenance of company’s business continuity and disaster recovery plans, with the aim to improve business resilience and ensure the continued operation of critical business processes
• Report on the company’s security risk profile, the status of key systems and any outstanding security risks, any planned cyber security uplift activities, any recent cyber security incidents, and expected returns on cyber security investments
• Oversee company’s response to cyber security incidents, including how internal teams respond and communicate with each other during an incident
• Ensure that a consistent vendor management process is applied across their organisation, from discovery through to ongoing management

Job Requirements:

• Minimum of 10 years of experience in Information Systems and/or Security Management roles
• Solid understanding of information security principles and frameworks such as ISO 27001, NIST, and industry best practices
• Strong hands-on experience securing Linux-based systems and environments
• Familiarity with threat detection, vulnerability management, and incident response
• Proficient knowledge of firewalls, intrusion detection/prevention systems, and endpoint protection tools
• Proven ability to develop, implement, and enforce effective security policies and procedures
• Excellent communication skills, including the ability to lead and deliver security training and awareness programs

The following experience is desirable, but not mandatory:

• Experience with CI/CD pipelines, Terraform, DevSecOps, and Kubernetes
• Familiarity with Palo Alto or other Next-Generation Firewalls (NGFWs)

Seniority level: Mid-Senior level

Employment type: Full-time

Job function: Information Technology

Industries: Technology, Information and Internet

Overview

Joining Razer will place you on a global mission to revolutionize the way the world games. Razer is a place to do great work , offering you the opportunity to make an impact globally while working across a global team located across 5 continents. Razer is also a great place to work, providing you the unique, gamer-centric #LifeAtRazer experience that will put you in an accelerated growth, both personally and professionally.

• We are looking for a skilled and analytical Information Security Analyst to join our team. In this role, you’ll be at the forefront of protecting our systems by identifying vulnerabilities, responding to threats, and continuously improving our security posture.
• This position offers valuable hands-on experience in cybersecurity. If you're eager to learn and build a career in this field, we encourage you to apply.
• Conduct vulnerability assessments and provide actionable remediation plans
• Perform penetration testing on networks, applications, and infrastructure.
• Review and optimize firewall rules and configurations.
• Monitor, analyze, and respond to security events and incidents, ensuring timely resolution and root cause analysis
• Investigate and respond to security incidents in a timely manner.
• Review and validate bug bounty submissions, coordinating with researchers and internal teams.
• Collaborate with IT, DevOps, and compliance teams to implement security best practices.
• Collaborate closely with business units to provide expert support and guidance on information security matters.
• Champion security awareness initiatives within the business, promoting a culture of security consciousness and best practices.
• Perform ad hoc tasks that are assigned by team leader or team manager.

• Candidate must possess at least a Bachelor's Degree, Post Graduate Diploma, Professional Degree, Computer Science/Information Technology/Security or equivalent. (candidates with relative levels of related experience will be considered).
• At least 3-5 years of hands-on working experience in cybersecurity, ethical hacking or information/IT security is required for this position.
• Possession of industry-relevant certifications such as CompTIA Security+, CEH, OSCP, or similar will be advantageous.
• For lead roles, experience in people management, ability to lead and influence people is expected.
• Hands-on experience with tools such as Burp Suite, Metasploit, Nessus, Qualys, Splunk, and SIEM platforms.
• Strong understanding of network protocols, web application security, and threat detection.
• Knowledge of AWS Cloud Computing services and experience with Linux servers is essential.
• Independent with excellent analytical skills, a problem-solving attitude, and the ability to work well in a team environment.
• Applicants must be willing to work in ICITY SHAH ALAM.

Are you game?

Overview

We are seeking a proactive Information Security Analyst (Executive Level) to safeguard the company’s IT infrastructure, both on-premise and in the cloud. This role involves implementing security strategies, managing risks, supporting client audits, and ensuring compliance with security standards to protect critical information assets.

VDart Malaysia is a fast-growing talent management and digital solution provider established in 2007. We are committed to bringing world-class technology and building a strong digital talent pool in emerging technologies across the ASEAN region.

We are a Purpose Driven, High Growth, Great Place to Work Certified Organization and serve customers including Fortune 100 companies across various industries globally.

Interested candidates please share your updated resume to

• Strategy Development – Develop and implement a comprehensive information security strategy aligned with organizational goals.
• Policy & Compliance – Establish, review, and maintain robust information security policies and procedures for on-premise and cloud environments.
• Risk & Vulnerability Management – Perform regular risk assessments, security audits, vulnerability assessments, and penetration tests.
• Remediation Planning – Develop and execute remediation plans for identified vulnerabilities.
• Incident Response – Monitor and respond promptly to security incidents, breaches, and threats.
• Client Audit Support – Represent the company during client audits, providing clear documentation and explanations of security measures.
• Collaboration – Work with internal teams and external suppliers to ensure compliance and effective risk mitigation.
• System Security – Partner with IT teams to maintain secure network and system architecture.
• Knowledge Update – Stay updated on emerging threats, technologies, and industry best practices.
• SSL & Domain Management – Monitor SSL certificates and domain expiration dates to ensure timely renewals.
• Asset Lifecycle Management – Track IT assets nearing end-of-support status and oversee upgrades or replacements.
• Obsolescence Planning – Assist the Head of Department in executing obsolescence plans to maintain secure and reliable IT assets.

• Experience in information security governance, risk management, and compliance.
• Knowledge of on-premises and cloud security controls and architectures.
• Ability to perform risk assessments, vulnerability assessments, and security testing.
• Strong collaboration and communication skills to work with internal teams and external vendors.
• Proactive, analytical, and detail-oriented with a strong commitment to security best practices.

• Seniority level: Associate
• Employment type: Full-time
• Job function: Information Technology
• Industries: IT Services and IT Consulting

Location notes: Kota Damansara, Selangor, Malaysia; Petaling Jaya, Selangor, Malaysia

Interested candidates please share your updated resume to