124 Threat Intelligence jobs in Malaysia

Req ID: 7511

Job Description:

Duties and Responsibilities

As the Threat Intelligence Lead, you will be responsible for establishing and managing the bank's cyber threat intelligence (CTI) program. This role requires strong connections with law enforcement agencies such as NACSA, BNM, PDRM, MCMC, and MyCERT/CyberSecurity Malaysia to enhance collaboration on threat intelligence sharing and incident response. You will lead a team of analysts to identify, analyze, and mitigate emerging cyber threats that could impact the bank's operations and financial assets.

Key Performance Areas

1. Threat Intelligence

2. Develop and implement a Cyber Threat Intelligence (CTI) strategy aligned with the bank's cybersecurity objectives.

3. Establish and maintain strong relationships with NACSA, BNM, PDRM, MCMC, MyCERT/CyberSecurity Malaysia, FS-ISAC, and other regulatory/law enforcement bodies for intelligence sharing and incident collaboration.
4. Monitor and analyze cyber threat landscapes, emerging attack techniques, and geopolitical cyber risks that could affect the bank.
5. Collect, process, and analyze threat intelligence from open-source intelligence (OSINT), dark web sources, malware analysis, and private intelligence feeds.
6. Provide actionable intelligence to SOC, Incident Response (IR), Red Team, and Fraud Prevention teams to enhance proactive defense strategies.
7. Lead threat hunting and cyber forensics investigations to detect and neutralize advanced threats.
8. Collaborate with IT security teams to proactively mitigate risks from advanced persistent threats (APTs), cybercriminal groups, and nation-state actors.
9. Conduct cyber threat briefings, intelligence reports, and risk assessments for senior management and the board.
10. Ensure compliance with Bank Negara Malaysia (BNM) RMiT and other cybersecurity regulatory requirements.
11. Develop threat intelligence playbooks and integration strategies for SIEM, SOAR, and EDR/XDR platforms.

12. Represent the bank in cybersecurity forums, intelligence-sharing platforms, and government-led cyber exercises.

13. Information & Cyber Security Program

14. To support information/cyber security programs such as Compromised assessment, threat hunting and Cyber Drill exercise

15. To support a bank wide information security education and awareness campaign.
16. Provide information /cyber security training and education to stakeholders.
17. To provide tracking to the current cyber security programs that has been conducted

Specific Skills/Knowledge and Certification Required

• Strong knowledge of cyber threat intelligence frameworks (MITRE ATT&CK, Diamond Model, Kill Chain, TLP, STIX/TAXII).
• Established connections with NACSA, PDRM, MCMC, MyCERT, and other key regulatory bodies for intelligence collaboration.
• Hands-on experience with threat intelligence platforms (TIPs), OSINT tools, malware analysis, and dark web monitoring.
• Familiarity with cybercriminal tactics, Advanced Persistent Threat (APT) groups, financial cyber fraud, and phishing attacks.
• Experience in cyber threat hunting, forensics, and incident response coordination.
• Strong analytical and investigative skills with the ability to interpret and predict cyber threats.
• Industry certifications such as CTIA, GCTI, GOSI, CISM, CISSP, GCIH, GCFA, or equivalent are preferred.
• Experience working in the financial sector, intelligence agencies, or law enforcement cyber units is highly desirable.
• Excellent communication and presentation skills, with the ability to deliver intelligence reports to technical teams and executive leadership.

We are looking for a highly motivated and experienced Information Security & Cloud Compliance Specialist to lead our organization's journey towards ISO/IEC 27001 certification and strengthen our overall cloud and internal IT security posture. This role will be pivotal in building and maintaining our Information Security Management System (ISMS), managing IT asset governance, and addressing client security compliance requirements.

You will also be responsible for guiding and supervising a junior executive, who will support the implementation and daily management of our internal controls.

Key Responsibilities

1. ISO/IEC 27001 Implementation & Governance

2. Lead the planning and execution of ISO/IEC 27001 implementation across the organization

3. Conduct risk assessments, gap analyses, and drive remediation efforts
4. Develop and maintain ISMS policies, procedures, and documentation
5. Coordinate with internal teams to implement and monitor security controls

6. Prepare for internal audits and manage external certification activities

7. Cloud Security & Governance

8. Define and implement security controls across cloud platforms (e.g., Alibaba Cloud, Google Cloud Platform)

9. Perform cloud configuration reviews, identity and access management checks, and vulnerability assessments
10. Work with DevOps/Infra teams to enforce secure cloud deployment practices
11. Monitor cloud environments for potential threats and respond to security incidents

3.
Internal IT & Asset Security

• Establish and maintain an IT asset inventory (hardware, software, digital assets) in line with ISO 27001 controls
• Define policies for asset ownership, classification, labelling, and acceptable use
• Ensure internal systems such as Active Directory are securely configured and maintained

• Collaborate with internal IT support to implement and monitor endpoint and network security

• Client Security Compliance & Support

• Act as the primary point of contact for client security reviews and due diligence requests

• Respond to RFPs, vendor security questionnaires, and client audits
• Provide documentation and assurance aligned with ISO 27001, PDPA, and other industry frameworks

5. Security Monitoring & Incident Response

• Develop and maintain incident response plans, including investigation, reporting, and corrective actions
• Monitor security events and coordinate incident response activities with internal teams

• Maintain security logs, reports, and metrics for audits and continual improvement

• Team Leadership

• Supervise and mentor a junior executive supporting policy enforcement, documentation, and control tracking

• Assign and review tasks to ensure quality and timeliness of ISMS initiatives
• Promote a culture of security awareness across the organization

Qualifications

• Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related discipline
• At least 3 years of hands-on experience in IT security, cloud security, or compliance-related roles
• Proven experience in ISO/IEC 27001 implementation or audits
• Familiarity with cloud security practices on platforms like Alibaba Cloud or GCP
• Knowledge of IT asset management processes and internal IT control frameworks
• Good understanding of Malaysian regulations such as PDPA and industry data protection standards
• Excellent interpersonal and communication skills; able to work across business and technical teams
• Able to work independently and take initiative in a fast-paced environment

Bonus

• Certification in
  ISO 27001 Lead Implementer
  ,
  CompTIA Security+
  ,
  CISSP
  , or
  Cloud Security Certifications
• Experience with
  SIEM tools
  ,
  cloud monitoring
  , or
  security automation
• Familiarity with IT service management tools (e.g., Jira, ServiceNow)
• Basic scripting/automation knowledge (e.g., Python, Bash)

Information Security Specialist (Business Information Security)

bp Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia

To enable the world to reach net zero, bp are looking for the brightest digital specialists to drive innovation as it transitions from an International Oil Company (IOC) to an International Energy Company (IEC).

• Security Assessments: conduct comprehensive assessments of systems, identifying risks and issues while recommending remediation measures.
• Technical & Non-Technical Risk Advisory: assess and communicate cybersecurity risks and mitigation strategies clearly to stakeholders.
• Cyber Behaviour Promotion: help develop and promote positive cyber security behaviours in day-to-day operations.
• Incident Management Support: provide specialist security expertise during security incidents, supporting response activities and improvement recommendations.
• Customer Support: act as the go-to point of contact for information security, delivering timely expertise on security matters affecting systems or data.
• Assess and Evaluate: perform regular security assessments of business systems using established methodologies to identify risks, weaknesses, and gaps.
• Respond and Advise: offer practical, tailored cyber security solutions aligned with operational requirements.
• Analyze and Report: evaluate risks and prepare clear, actionable recommendations for both business and technical audiences.
• Support and Collaborate: work with business teams to implement security measures while balancing operational needs.
• Promote and Educate: drive awareness through targeted activities, training support, and expert guidance.
• Monitor and Review: stay ahead of emerging threats and align with industry-standard methodologies.

• Bachelor's degree or equivalent experience in Information or Cyber Security, Computer Science, or Engineering.
• Working towards professional certifications such as CISM, CRISC, CISSP, or CompTIA Security+.
• Knowledge of security frameworks such as ISO 27001/27002, NIST, and CIS.
• Previous experience in information security roles in Finance, HR, Trading, Retail, Supply or Oil and Gas sectors.
• Ability to explain security concepts to a variety of audiences.
• Solid grasp of cyber risk assessment methodologies and translating technical findings into business impact.
• Attention to detail and ability to work independently while balancing multiple activities.
• Ability to adapt security recommendations to different operating environments.
• Ability to use technology, data, and insights to enable decision making.

bp is a global energy business with a purpose to reimagine energy for people and our planet. We aim to be a very different kind of energy company by 2030, helping the world reach net zero and improving people’s lives. We are committed to creating a diverse and inclusive environment where everyone can grow and succeed. Join bp and become part of the team building our future!

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Travel Requirement: No travel is expected with this role.

Relocation Assistance: This role is not eligible for relocation.

Remote Type: This position is a hybrid of office/remote working.

• Seniority level: Associate
• Employment type: Full-time
• Job function: Information Technology
• Industries: Oil and Gas

WHAT YOU’LL CHAMPION: SOC Leadership & Strategy

• Lead day-to-day SOC operations, ensuring timely detection, analysis, and response to security threats.
• Mentor and develop SOC analysts, fostering a high-performance detection and response culture.
• Drive continuous improvement of SOC processes, playbooks, and threat detection coverage.

• Own and enhance SIEM use cases, correlation rules, dashboards, and threat detection logic.
• Perform log analysis, threat hunting, and tuning of alerts to reduce false positives.
• Integrate new data sources into SIEM and EDR platforms to improve visibility.

• Lead major incident investigations, coordinating containment, eradication, and recovery efforts.
• Serve as an escalation point for complex security events and provide technical guidance to analysts.
• Collaborate with Legal, Risk, IT, and Communications teams during critical incidents.

• Design and implement SOAR workflows and automation scripts to accelerate incident handling.
• Identify opportunities for automation across detection, triage, and response activities.
• Maintain and optimize integrations between SOC tools, ticketing, and reporting platforms.

• Apply threat intel to improve detection coverage and proactively hunt for adversary activity.
• Stay updated on emerging threats, TTPs, and vulnerabilities to inform SOC defense strategy.
• Presentation to upper management on cybersecurity operations security metrics, trends, and incidents.

• 10 years of experience in Cybersecurity with a deep understanding of cybersecurity technologies, including SIEM, SOAR, EDR, WAF, IAM, and network security.
• Bachelor's degree in computer science, information security, or a related field.
• Proven ability to lead and motivate teams, build strong relationships, and influence decision-making at all levels.
• Hands on experience when it comes to SIEM, Detection Engineering, and Incident Response.
• Strong analytical and problem-solving skills to identify and resolve complex security issues.
• Excellent written and verbal communication skills, including the ability to communicate technical concepts to non-technical audiences.
• Proven ability to handle high-pressure situations and make critical decisions under time constraints.
• (Optional) Relevant security certifications.

Dispatcher to captain, ramp agent to data analyst, brand executive to CEO - these are some Dare To Dream stories of our Allstars.

• Physical Wellbeing: Key medical and insurance benefits, maternity expenses, flexible work arrangement, and health and fitness amenities.
• Emotional Wellbeing: Paid time off, wellness programmes, and childcare amenities.
• Financial Wellbeing: Resources relating to financial, personal skills and career growth programmes.
• Allstars Specials: Unlimited discounted flights, and exclusive discounts with partners.
• A unique Allstar culture like no other

• Application received
• Candidate screening
• Interview(s) and assessment(s)
• Background check and/or other assessments
• Offer and negotiation

Recruitment Researcher - Legal & IT Recruitment at eLawyer Recruitment

We operate primarily in a Linux-based environment, so a strong foundation in Linux security is essential.

If you're a security-minded professional who loves staying ahead of cyber threats, designing secure systems, and creating awareness across an organisation, we want to hear from you.

List of Responsibilities:

• Ongoing leadership and review of IT security. Ensure the alignment of cyber security and business objectives within the company.
• Implementing and designing cyber security policies, procedures and system solutions in line with industry standards and certifications
• Take ownership of ISO 27001 implementation, compliance, and continual improvement
• Operate, conduct, and maintain company’s SIEM platform (Wazuh) and conduct regular security audits of systems, policies, procedures, network configuration, operating systems, authentication systems, permission structures
• Own and manage the patching and vulnerability scanning process, including the use of tools such as OpenVAS or Nessus (preferred)
• Serve as the company point person for third-party security audit(s)
• Provide pre-sales security briefings / Q&A to company HPC Cloud customer security teams
• Work with company HPC Cloud customers and company teams on security integration
• Provide strategic-level guidance for company’s cyber security program and ensure compliance with cyber security policy, standards, regulations and legislation, working with the senior executives within the company
• Contribute to the development and maintenance of company’s business continuity and disaster recovery plans, with the aim to improve business resilience and ensure the continued operation of critical business processes
• Report on the company’s security risk profile, the status of key systems and any outstanding security risks, any planned cyber security uplift activities, any recent cyber security incidents, and expected returns on cyber security investments
• Oversee company’s response to cyber security incidents, including how internal teams respond and communicate with each other during an incident
• Ensure that a consistent vendor management process is applied across their organisation, from discovery through to ongoing management

Job Requirements:

• Minimum of 10 years of experience in Information Systems and/or Security Management roles
• Solid understanding of information security principles and frameworks such as ISO 27001, NIST, and industry best practices
• Strong hands-on experience securing Linux-based systems and environments
• Familiarity with threat detection, vulnerability management, and incident response
• Proficient knowledge of firewalls, intrusion detection/prevention systems, and endpoint protection tools
• Proven ability to develop, implement, and enforce effective security policies and procedures
• Excellent communication skills, including the ability to lead and deliver security training and awareness programs

The following experience is desirable, but not mandatory:

• Experience with CI/CD pipelines, Terraform, DevSecOps, and Kubernetes
• Familiarity with Palo Alto or other Next-Generation Firewalls (NGFWs)

Seniority level: Mid-Senior level

Employment type: Full-time

Job function: Information Technology

Industries: Technology, Information and Internet

Overview

Joining Razer will place you on a global mission to revolutionize the way the world games. Razer is a place to do great work , offering you the opportunity to make an impact globally while working across a global team located across 5 continents. Razer is also a great place to work, providing you the unique, gamer-centric #LifeAtRazer experience that will put you in an accelerated growth, both personally and professionally.

• We are looking for a skilled and analytical Information Security Analyst to join our team. In this role, you’ll be at the forefront of protecting our systems by identifying vulnerabilities, responding to threats, and continuously improving our security posture.
• This position offers valuable hands-on experience in cybersecurity. If you're eager to learn and build a career in this field, we encourage you to apply.
• Conduct vulnerability assessments and provide actionable remediation plans
• Perform penetration testing on networks, applications, and infrastructure.
• Review and optimize firewall rules and configurations.
• Monitor, analyze, and respond to security events and incidents, ensuring timely resolution and root cause analysis
• Investigate and respond to security incidents in a timely manner.
• Review and validate bug bounty submissions, coordinating with researchers and internal teams.
• Collaborate with IT, DevOps, and compliance teams to implement security best practices.
• Collaborate closely with business units to provide expert support and guidance on information security matters.
• Champion security awareness initiatives within the business, promoting a culture of security consciousness and best practices.
• Perform ad hoc tasks that are assigned by team leader or team manager.

• Candidate must possess at least a Bachelor's Degree, Post Graduate Diploma, Professional Degree, Computer Science/Information Technology/Security or equivalent. (candidates with relative levels of related experience will be considered).
• At least 3-5 years of hands-on working experience in cybersecurity, ethical hacking or information/IT security is required for this position.
• Possession of industry-relevant certifications such as CompTIA Security+, CEH, OSCP, or similar will be advantageous.
• For lead roles, experience in people management, ability to lead and influence people is expected.
• Hands-on experience with tools such as Burp Suite, Metasploit, Nessus, Qualys, Splunk, and SIEM platforms.
• Strong understanding of network protocols, web application security, and threat detection.
• Knowledge of AWS Cloud Computing services and experience with Linux servers is essential.
• Independent with excellent analytical skills, a problem-solving attitude, and the ability to work well in a team environment.
• Applicants must be willing to work in ICITY SHAH ALAM.

Are you game?

Job Responsibilities:

Help and support the head of department with the day-to-day information security tasks, such as risk assessment, monitoring, reporting, and advice.
Responsible for locating and fixing security flaws in the networks and computer systems of an organization.
Strong familiarity with vulnerability assessment and scanning to identify holes and vulnerabilities.
Conduct vulnerability assessments to find gaps in information security guidelines and evaluate risks that have been identified.
Collaborate with the IT team to address security flaws that could lead to improper use of data.
Work closely with the head of the department to establish security guidelines for the organization by defining standards and best practices to guarantee information availability, confidentiality, and integrity.
Inform staff members about security and technological best practices.

Job Requirements:

An IT bachelor’s degree or a professionally equivalent degree.
At least two to three years of professional expertise in system/network administration, compliance cloud services, information security incidents (cybersecurity), or IT governance is advantageous.
Thorough understanding of the principles of application security and cloud infrastructure.
Proficient in identifying and evaluating security risk mitigation measures and solutions.
Customer-focused, possessing a strong sense of accountability, a strong desire to achieve goals, and a keen interest in customer satisfaction.
The capacity and willingness to quickly learn new ideas and technology.
Excellent communication abilities, both written and verbal, for presentations.
Proficient in writing and speaking in English.
The capacity to work independently, multitask, and adhere to deadlines.
Dependable, adaptable, and eager to learn.

Overview

We are seeking a proactive Information Security Analyst (Executive Level) to safeguard the company’s IT infrastructure, both on-premise and in the cloud. This role involves implementing security strategies, managing risks, supporting client audits, and ensuring compliance with security standards to protect critical information assets.

VDart Malaysia is a fast-growing talent management and digital solution provider established in 2007. We are committed to bringing world-class technology and building a strong digital talent pool in emerging technologies across the ASEAN region.

We are a Purpose Driven, High Growth, Great Place to Work Certified Organization and serve customers including Fortune 100 companies across various industries globally.

Interested candidates please share your updated resume to

• Strategy Development – Develop and implement a comprehensive information security strategy aligned with organizational goals.
• Policy & Compliance – Establish, review, and maintain robust information security policies and procedures for on-premise and cloud environments.
• Risk & Vulnerability Management – Perform regular risk assessments, security audits, vulnerability assessments, and penetration tests.
• Remediation Planning – Develop and execute remediation plans for identified vulnerabilities.
• Incident Response – Monitor and respond promptly to security incidents, breaches, and threats.
• Client Audit Support – Represent the company during client audits, providing clear documentation and explanations of security measures.
• Collaboration – Work with internal teams and external suppliers to ensure compliance and effective risk mitigation.
• System Security – Partner with IT teams to maintain secure network and system architecture.
• Knowledge Update – Stay updated on emerging threats, technologies, and industry best practices.
• SSL & Domain Management – Monitor SSL certificates and domain expiration dates to ensure timely renewals.
• Asset Lifecycle Management – Track IT assets nearing end-of-support status and oversee upgrades or replacements.
• Obsolescence Planning – Assist the Head of Department in executing obsolescence plans to maintain secure and reliable IT assets.

• Experience in information security governance, risk management, and compliance.
• Knowledge of on-premises and cloud security controls and architectures.
• Ability to perform risk assessments, vulnerability assessments, and security testing.
• Strong collaboration and communication skills to work with internal teams and external vendors.
• Proactive, analytical, and detail-oriented with a strong commitment to security best practices.

• Seniority level: Associate
• Employment type: Full-time
• Job function: Information Technology
• Industries: IT Services and IT Consulting

Location notes: Kota Damansara, Selangor, Malaysia; Petaling Jaya, Selangor, Malaysia

Interested candidates please share your updated resume to