233 Vulnerability Management jobs in Malaysia

Job Description

Position Title: Vice President – Threat Management, Vulnerability Management & SOC

Department: Information Security / Cybersecurity

Reporting To: Chief Information Security Officer (CISO) / Head of Information Security

Location: Kuala Lumpur, Malaysia

Employment Type: Full-time

Position Overview

The Vice President – Threat Management, Vulnerability Management, and SOC is

responsible for leading the bank's cybersecurity defense operations, overseeing the end-to-end lifecycle of threat detection, prevention, and response. This role involves managing the Security Operations Center (SOC), vulnerability management programs, and advanced threat management capabilities to safeguard the bank's systems, data, and customers. The ideal candidate will bring strong technical leadership, regulatory awareness, and experience in building resilient cyber defense strategies. While banking sector experience is preferred, candidates from other regulated industries with strong cybersecurity leadership backgrounds will be considered.

Key Responsibilities

Threat Management

• Lead the threat intelligence program to identify, analyze, and mitigate cyber threats

targeting the bank.

• Establish processes to assess emerging threats and provide actionable intelligence to

business and technology teams.

• Develop proactive measures to prevent, detect, and respond to advanced cyberattacks.

Vulnerability Management

• Oversee enterprise-wide vulnerability assessment, scanning, and remediation

processes.

• Collaborate with IT and application teams to ensure timely remediation of critical

vulnerabilities.

• Develop a risk-based prioritization model for vulnerability patching and mitigation.
• Report on vulnerability trends, metrics, and compliance to senior management and

regulators.

Security Operations Center (SOC) Leadership

• Lead the 24x7 SOC operations, including incident detection, triage, response, and

recovery.

• Establish incident response playbooks, escalation procedures, and forensic

investigation practices.

• Ensure SOC analysts have the tools, training, and resources to perform effectively.
• Drive automation and orchestration initiatives to improve SOC efficiency and reduce

response times.

Governance, Risk & Compliance

• Ensure compliance with relevant banking and regulatory requirements (e.g., Bank

Negara Malaysia guidelines, PCI DSS, ISO 27001, NIST, MAS TRM, GDPR as

applicable).

• Act as a key point of contact with regulators, auditors, and internal stakeholders on

threat and vulnerability management.

• Develop reporting dashboards for executives and board-level committees on security

posture.

Leadership & Strategy

• Provide strategic direction for cybersecurity operations aligned with the bank's

overall risk management framework.

• Build and mentor a high-performing cyber defense team.
• Partner with IT, Risk, Audit, and Business stakeholders to embed security into the

organization's culture.

• Keep abreast of the latest threats, technologies, and best practices in cybersecurity.

Qualifications & Experience

Education:

• Bachelor's degree in Computer Science, Information Security, Engineering, or related

field.

• Master's degree or MBA is a plus.

Certifications (preferred):

• CISSP, CISM, CISA
• GIAC (GCIH, GCIA, GMON, GRID, or similar)
• CEH, OSCP, or equivalent technical certifications
• Cloud Security (CCSP, AWS Security Specialty, Azure Security Engineer) is an

advantage.

Experience:

• 12–15 years of overall cybersecurity experience, with at least 5 years in a leadership

role.

• Experience managing SOC operations, incident response, and threat intelligence.
• Proven expertise in vulnerability management and remediation.
• Banking or financial services background strongly preferred but not mandatory.
• Demonstrated ability to engage with regulators, auditors, and executive stakeholders.
• Strong knowledge of cybersecurity frameworks (NIST CSF, MITRE ATT&CK, ISO

27001).

Key Competencies

• Strong leadership and people management skills.
• Excellent analytical and problem-solving abilities.
• Ability to communicate complex technical issues to senior management and board

members.

• Risk-based decision-making mindset.
• High level of integrity and commitment to confidentiality.

Job Types: Full-time, Permanent

Pay: RM15, RM18,000.00 per month

Position Title: Vice President – Threat Management, Vulnerability Management & SOC

Salary budget: Up to RM18K

Location: Kuala Lumpur, Malaysia

Company background: Banking

Department: Information Security / Cybersecurity

Reporting To: Chief Information Security Officer (CISO) / Head of Information Security

Employment Type: Full-time

Position Overview

The Vice President – Threat Management, Vulnerability Management, and SOC is

responsible for leading the bank's cybersecurity defense operations, overseeing the end-to-end lifecycle of threat detection, prevention, and response. This role involves managing the Security Operations Center (SOC), vulnerability management programs, and advanced threat management capabilities to safeguard the bank's systems, data, and customers.

The ideal candidate will bring strong technical leadership, regulatory awareness, and

experience in building resilient cyber defense strategies. While banking sector experience is preferred, candidates from other regulated industries with strong cybersecurity leadership backgrounds will be considered.

Key Responsibilities

Threat Management

• Lead the threat intelligence program to identify, analyze, and mitigate cyber threats targeting the bank.
• Establish processes to assess emerging threats and provide actionable intelligence to business and technology teams.
• Develop proactive measures to prevent, detect, and respond to advanced cyberattacks.

Vulnerability Management

• Oversee enterprise-wide vulnerability assessment, scanning, and remediation processes.
• Collaborate with IT and application teams to ensure timely remediation of critical vulnerabilities.
• Develop a risk-based prioritization model for vulnerability patching and mitigation.
• Report on vulnerability trends, metrics, and compliance to senior management and regulators.

Security Operations Center (SOC) Leadership

• Lead the 24x7 SOC operations, including incident detection, triage, response, and recovery.
• Establish incident response playbooks, escalation procedures, and forensic investigation practices.
• Ensure SOC analysts have the tools, training, and resources to perform effectively.
• Drive automation and orchestration initiatives to improve SOC efficiency and reduce response times.

Governance, Risk & Compliance

• Ensure compliance with relevant banking and regulatory requirements (e.g., Bank Negara Malaysia guidelines, PCI DSS, ISO 27001, NIST, MAS TRM, GDPR as applicable).
• Act as a key point of contact with regulators, auditors, and internal stakeholders on threat and vulnerability management.
• Develop reporting dashboards for executives and board-level committees on security posture.

Leadership & Strategy

• Provide strategic direction for cybersecurity operations aligned with the bank's overall risk management framework.
• Build and mentor a high-performing cyber defense team.
• Partner with IT, Risk, Audit, and Business stakeholders to embed security into the organization's culture.
• Keep abreast of the latest threats, technologies, and best practices in cybersecurity.

Qualifications & Experience

Education:

• Bachelor's degree in Computer Science, Information Security, Engineering, or related field.
• Master's degree or MBA is a plus.

Certifications (preferred):

• CISSP, CISM, CISA
• GIAC (GCIH, GCIA, GMON, GRID, or similar)
• CEH, OSCP, or equivalent technical certifications
• Cloud Security (CCSP, AWS Security Specialty, Azure Security Engineer) is an advantage.

Job Types: Full-time, Permanent

Pay: RM15, RM18,000.00 per month

Benefits:

• Opportunities for promotion
• Professional development

Application Question(s):

• Total years of proven work experience leadership in cybersecurity operations (SOC, Threat & Vulnerability Management)?
• Total years of work experience in hands-on expertise in threat intelligence, detection, response, and prevention of cyberattacks?
• Total years of work experience in enterprise-wide vulnerability assessments, scanning, and remediation?
• Total years of work experience & knowledge in risk-based prioritization for patching and vulnerability mitigation?
• Total years of work experience managing 24x7 SOC operations, incident response, triage, and forensics?
• Total years of work experience with automation, orchestration tools, and incident response playbooks?
• Total years of work experience & ability to improve SOC efficiency and reduce response times?
• Total years of work experience & deep understanding of regulatory requirements (Bank Negara Malaysia guidelines, PCI DSS, ISO 27001, NIST, MAS TRM, GDPR)?
• Total years of experience dealing with regulators, auditors, and board-level reporting?
• Total years of work experience & strong grasp of cybersecurity frameworks, standards, and best practices?
• Last drawn salary & minimum expected salary per month in MYR?
• Do you require Company provide you a work pass to work in Malaysia?

Experience:

• Banking, Financial Services, and Insurance (BFSI): 5 years (Preferred)

License/Certification:

• CISSP, CISM, CISA, GIAC (GCIH, GCIA, GMON, GRID), CEH, OSCP (Preferred)

Work Location: In person

Summary

A Cyber Incident Response Manager plays a pivotal role in safeguarding an organization's digital assets by leading efforts to detect, analyze, and respond to cybersecurity incidents. This position is crucial in minimizing the impact of security breaches and ensuring swift recovery.

Duties and Responsibilities

Key Performance Areas

1. To be aware of and uphold cybersecurity responsibilities as stated in the BNM's RMiT and Bank's Internal Policy;
2. To assist the Team Lean to coordinate and plan work for cybersecurity governance, controls implementation and project execution for team members within the unit;
3. Stays informed the current and proposed laws, regulations, industry standards, and ethical requirements related to cyber security and privacy, so that the Bank is warned in advance and ready to be fully compliant with these requirements;
4. Prepares and periodically updates cybersecurity policies, especially on Cyber Incident Respond Plan;
5. To assist the Team Lead in coordinating and consolidating of management, stakeholders and regulatory reporting including Cyber incident and Cyber Threat Intelligence.
6. To assist the Team Lead in coordinating and performing periodic cyber drills t to evaluate preparedness to withstand cyber adversary and inform or update required participants of their roles in the response against cyber incident.
7. Conceives and proposes to the Team Lead on new approaches that will allow greater standardization and more effective management of security measures;
8. To assist the team lead in maintaining strong working relationships within the BIMB group involved with information security matters
9. Any other duties and assignment as and when requested by the superior from time to time.

Specific Skills/Knowledge and Certification

• Experienced in Forensic and Incident Handling
• Experience in IT/Cybersecurity/Information Security industry preferred
• Relevant certifications such as GCFA, GCIH, or GCIA are preferred Report writing skills are required. Must be able to summarize and communicate technical data to a non-technical audience
• Excellent communication, interpersonal with cumulative ability to express ideas and concerns.
• Be an assertive and innovative team player, highly independent, committed, self-motivated, resourceful and result-oriented.
• Ability to network across a variety of functions at various levels
• Ability to multi-task, highly numerate with great attention to detail.

Overview

Were seeking a visionary cybersecurity leader to head our Threat Management, Vulnerability Management, and Security Operations Center (SOC). As Vice President, you will be at the forefront of our cyber defense strategy leading threat intelligence, vulnerability remediation, and 24x7 SOC operations to protect our systems, data, and customers. This is a high-impact role for someone who thrives in regulated environments, understands the evolving threat landscape, and can translate technical risks into business decisions.

• Lead threat intelligence programs and develop proactive defense strategies
• Oversee enterprise-wide vulnerability assessments and remediation
• Manage SOC operations, incident response, and forensic investigations
• Ensure compliance with regulatory frameworks (BNM, PCI DSS, ISO 27001, NIST, MAS TRM, GDPR)
• Engage with regulators, auditors, and executive stakeholders
• Build and mentor a high-performing cyber defense team

• 12-15 years of cybersecurity experience, with 5+ years in leadership
• Proven expertise in SOC, threat intelligence, and vulnerability management
• Strong grasp of cybersecurity frameworks (NIST CSF, MITRE ATT&CK, ISO 27001)
• Certifications preferred: CISSP, CISM, GIAC, CEH, OSCP, CCSP
• Experience in banking or other regulated industries is a plus
• Exceptional communication, leadership, and risk-based decision-making skills
• Be part of a forward-thinking cybersecurity team
• Influence strategic decisions at the highest level
• Work in a dynamic, innovation-driven environment
• Competitive compensation and benefits

Security Engineer, Vulnerability Management

Job description for the Security Engineer, Vulnerability Management role.

The Vulnerability Management Automation team is dedicated to enhancing the efficiency and accuracy of the Vulnerability Management Program through automation. Our mission is to integrate and streamline various data sources and processes to provide comprehensive vulnerability management.

You will report to the Engineer Manager and be based onsite in Petaling Jaya, Malaysia. As a backend engineer you will design and manage automation tools for vulnerability management, embrace cutting-edge technologies and a culture of knowledge-sharing, learn scalable software engineering practices and create tools for secure platform operations, and be part of an on-call rotation for infrastructure support and incident management.

• You will design and write with the cutting edge GO language to improve the availability, scalability, latency, and efficiency of the Security platform.
• You will partner with other engineering teams to explore and create new design/architectures geared towards scale and performance.
• You will be involved in code and design reviews to maintain our high development standards.
• You will collaborate closely with the infrastructure team in building and scaling backend services and performing root cause analysis investigations.
• You are responsible for building, and fixing large-scale systems and debugging and modifying production software.
• Write unit, functional, and end-to-end tests.

• You have a degree in Computer Science, Software Engineering, Information Technology, or related fields.
• You have solid Computer Science fundamentals in algorithms and data structures.
• You have a sound understanding of system performance and security.
• Comfortable to code in at least one high-level programming language - Java, Python, or Golang for scripting and automation.

We care about your well-being at Grab, here are some of the global benefits we offer:

• We have your back with Term Life Insurance and comprehensive Medical Insurance.
• With GrabFlex, create a benefits package that suits your needs and aspirations.
• Celebrate moments that matter in life with loved ones through Parental and Birthday leave, and give back to your communities through Love-all-Serve-all (LASA) volunteering leave
• We have a confidential Grabber Assistance Programme to guide and uplift you and your loved ones through life's challenges.
• Balancing personal commitments and life's demands are made easier with our FlexWork arrangements such as differentiated hours

What We Stand For At Grab

We are committed to building an inclusive and equitable workplace that provides equal opportunity for Grabbers to grow and perform at their best. We consider all candidates fairly and equally regardless of nationality, ethnicity, race, religion, age, gender, family commitments, physical and mental impairments or disabilities, and other attributes that make them unique.

About Grab and Our Workplace

Grab is Southeast Asia's leading superapp. From getting your favourite meals delivered to helping you manage your finances and getting around town hassle-free, we've got your back with everything. In Grab, purpose gives us joy and habits build excellence, while harnessing the power of Technology and AI to deliver the mission of driving Southeast Asia forward by economically empowering everyone, with heart, hunger, honour, and humility.

Get to Know the Team

The Vulnerability Management Automation team is dedicated to enhancing the efficiency and accuracy of the Vulnerability Management Program through automation. Our mission is to integrate and streamline various data sources and processes to provide comprehensive vulnerability management.

Get to Know the Role

You will report to the Engineer Manager and be based onsite in Petaling Jaya, Malaysia.

As a backend engineer you will: design and manage automation tools for vulnerability management. Embrace cutting-edge technologies and a culture of knowledge-sharing. Learn scalable software engineering practices and create tools for secure platform operations. Be part of an on-call rotation for infrastructure support and incident management. Grow with us!

The Critical Tasks You Will Perform

• You will design and write with the cutting edge GO language to improve the availability, scalability, latency, and efficiency of the Security platform.
• You will partner with other engineering teams to explore and create new design/architectures geared towards scale and performance.
• You will be involved in code and design reviews to maintain our high development standards.
• You will collaborate closely with the infrastructure team in building and scaling backend services and performing root cause analysis investigations.
• You are responsible for building, and fixing large-scale systems and debugging and modifying production software.
• Write unit, functional, and end-to-end tests.

What Essential Skills You Will Need

• You have a degree in Computer Science, Software Engineering, Information Technology, or related fields.
• You have solid Computer Science fundamentals in algorithms and data structures.
• You have a sound understanding of system performance and security.
• Comfortable to code in at least one high-level programming language - Java, Python, or Golang for scripting and automation.

Life at Grab

We care about your well-being at Grab, here are some of the global benefits we offer:

• We have your back with Term Life Insurance and comprehensive Medical Insurance.
• With GrabFlex, create a benefits package that suits your needs and aspirations.
• Celebrate moments that matter in life with loved ones through Parental and Birthday leave , and give back to your communities through Love-all-Serve-all (LASA) volunteering leave
• We have a confidential Grabber Assistance Programme to guide and uplift you and your loved ones through life's challenges.
• Balancing personal commitments and life's demands are made easier with our FlexWork arrangements such as differentiated hours

What We Stand For At Grab

We are committed to building an inclusive and equitable workplace that provides equal opportunity for Grabbers to grow and perform at their best. We consider all candidates fairly and equally regardless of nationality, ethnicity, race, religion, age, gender, family commitments, physical and mental impairments or disabilities, and other attributes that make them unique.

About Grab and Our Workplace

Grab is Southeast Asia's leading superapp. From getting your favourite meals delivered to helping you manage your finances and getting around town hassle-free, we've got your back with everything. In Grab, purpose gives us joy and habits build excellence, while harnessing the power of Technology and AI to deliver the mission of driving Southeast Asia forward by economically empowering everyone, with heart, hunger, honour, and humility.

The Vulnerability Management Automation team is dedicated to enhancing the efficiency and accuracy of the Vulnerability Management Program through automation. Our mission is to integrate and streamline various data sources and processes to provide comprehensive vulnerability management.

You will report to the Engineer Manager and be based onsite in Petaling Jaya, Malaysia.

As a backend engineer you will: design and manage automation tools for vulnerability management. Embrace cutting-edge technologies and a culture of knowledge-sharing. Learn scalable software engineering practices and create tools for secure platform operations. Be part of an on-call rotation for infrastructure support and incident management. Grow with us!

• You will design and write with the cutting edge GO language to improve the availability, scalability, latency, and efficiency of the Security platform.
• You will partner with other engineering teams to explore and create new design/architectures geared towards scale and performance.
• You will be involved in code and design reviews to maintain our high development standards.
• You will collaborate closely with the infrastructure team in building and scaling backend services and performing root cause analysis investigations.
• You are responsible for building, and fixing large-scale systems and debugging and modifying production software.
• Write unit, functional, and end-to-end tests.

• You have a degree in Computer Science, Software Engineering, Information Technology, or related fields.
• You have solid Computer Science fundamentals in algorithms and data structures.
• You have a sound understanding of system performance and security.
• Comfortable to code in at least one high-level programming language - Java, Python, or Golang for scripting and automation.

We care about your well-being at Grab, here are some of the global benefits we offer:

• We have your back with Term Life Insurance and comprehensive Medical Insurance.
• With GrabFlex , create a benefits package that suits your needs and aspirations.
• Celebrate moments that matter in life with loved ones through Parental and Birthday leave , and give back to your communities through Love-all-Serve-all (LASA) volunteering leave
• We have a confidential Grabber Assistance Programme to guide and uplift you and your loved ones through life's challenges.
• Balancing personal commitments and life's demands are made easier with our FlexWork arrangements such as differentiated hours

We are committed to building an inclusive and equitable workplace that provides equal opportunity for Grabbers to grow and perform at their best. We consider all candidates fairly and equally regardless of nationality, ethnicity, race, religion, age, gender, family commitments, physical and mental impairments or disabilities, and other attributes that make them unique.