Cyber Security Manager

BAT is evolving at a pace into a global multi-category business. Our purpose is to create A Better Tomorrow by Building a Smokeless World.

To achieve our ambition, we are looking for colleagues who are ready to join us on this journey! Tomorrow can’t wait, let’s shape it together!

• Reporting Level: Individual Contributor
• Geographic Scope: Malaysia
• Seniority Level: Experienced Professional

Maintain strategic relationships with designated markets in Cyber Security. Act as the partner to quickly address market needs such as risk assessments, training, incidents, and ensure key Cyber Resilience initiatives are implemented. Responsibilities include OT deployments, cyber hygiene, vulnerability management, awareness campaigns, risk management, incident communication, and supporting cyber compliance initiatives.

Collaborate with other Cyber Security teams to ensure relevant and timely services to markets. Maintain expertise in specific domains like finance, supply chain, marketing, trade systems, or system integrations.

This role influences the security posture of several markets, advising management on cybersecurity importance, risks, and remediation strategies.

1. Serve as the first contact for security matters in the market, aligning priorities and representing Cyber Security.
2. Deliver cybersecurity metrics and coordinate necessary actions.
3. Translate business requirements to Cyber Security teams and coordinate delivery.
4. Manage market-specific cybersecurity projects, risk assessments, and reassessments.
5. Drive regional or global security projects within your expertise.
6. Manage cyber risks collaboratively with team members.
7. Implement OT security projects as applicable.
8. Own tools and processes related to risk assessment and assurance.
9. Contribute to GRC cyber standards and procedures.

• 5+ years in information security with increasing scope.
• Experience communicating with business partners up to director level.
• Ability to translate technical language for business users.
• Experience assessing cyber risks of projects, vendors, and technologies.
• Knowledge of security management, technologies, architecture, and audits.

• Knowledge of networking, application development, incident response, vendor management, and OT security.
• Deep security knowledge in at least one business area such as manufacturing, finance, or supply chain.
• Understanding of cloud security, especially Azure and AWS.
• Decision-making skills under pressure.
• Business acumen and ability to communicate technical and business ideas clearly.
• Project management experience in security or IT.

Market-leading annual performance bonus, diverse benefits including health plans, work-life balance initiatives, transportation support, flexible holidays, and growth opportunities. Access to online learning and leadership development programs. We foster continuous improvement and transformation.

Recognized as a Global Top Employer, we promote collaboration, inclusion, and diversity. We support career breaks through programs like The Global Returners. Join us to bring your unique perspective and grow your career. Learn more about our culture and employee experience here.