Assistant Manager Cybersecurity & Risk Management

SALARY RANGE: RM6,000-RM8,000

The position is an administrative position at the Sarawak Campus. The appointee will be responsible for carrying out duties involving various functions of Cybersecurity designated by the Director, IT.

Specifically, this role focuses on the operational implementation of security controls, monitoring of threats, executing risk assessments, and coordinating incident response activities. The appointee supports the Director, IT in maintaining the University’s security posture and ensuring infrastructure complies with established policies.

• A Bachelor’s degree in computer science, IT, or a related field from a recognized institution, with minimum of 3 – 5 years of relevant work experience including minimum of one (1) year of supervisory experience. Master’s degree holder can be considered.
• Possess at least TWO relevant IT certification(s) in active status with minimum one at professional cybersecurity level and with active status in either project management, governance and frameworks, networking, servers, clouds, security, or others. (e.g. PMP, Prince2, CRISC, CISM, CISA, CISSP, CEH, CompTIA, ITIL or equivalent)
• At least three (3) to five (5) years of relevant working experience in Cybersecurity operations, Governance, Risk, and Compliance (GRC), or Information Security management in a small to medium size organization.
• Strong knowledge of IT governance principles, regulatory requirements, risk management, and cybersecurity best practices. Experience with frameworks such as ISO 27001, NIST, and COBIT is a plus.
• Proven experience in conducting IT risk assessments (risk identification, analysis, evaluation, and treatment) and managing risk registers.
• Experience in managing cybersecurity incidents (Incident Response) and conducting root cause analysis.
• Hands‑on experience with security technologies including SIEM, Firewalls (Next‑Gen), Endpoint Detection & Response (EDR), DLP, and Vulnerability Scanners.
• Strong organizational and documentation skills, ensuring accuracy and consistency in IT policies, reports, and service management records.
• Ability to work in a team environment, mentor junior IT staff, and foster a culture of innovation and compliance within the IT department.
• Knowledge of local data protection laws (e.g., PDPA) and their application in an educational or enterprise setting.
• Familiarity with IT infrastructure, cloud computing, cybersecurity, networking, and web technologies. Hands‑on experience with ITSM tools is an advantage.