Cybersecurity Engineer (Preferred CREST certified)

Konica Minolta Business Solutions (M) Sdn Bhd is a leading provider of integrated IT solutions and services, with a strong focus on cybersecurity and digital transformation. We are a part of the global Konica Minolta group, a renowned technology company with a rich heritage and a commitment to innovation. Our mission is to empower our clients to thrive in the digital age by delivering cutting-edge solutions and exceptional customer service.

About the role

We are seeking a skilled Cybersecurity Engineer to join our team on a contract basis at our Petaling Jaya, Selangor office. As a Cybersecurity Engineer, you will play a crucial role in maintaining the security and integrity of our information systems and infrastructure. This is an exciting opportunity to contribute to the overall security and risk management strategy of our organization.

What you'll be doing

Implement, manage, and monitor security controls and defensive measures to protect computer systems, networks, and information assets.

Identify, define, and continuously improve system and network security requirements.

Configure, maintain, and troubleshoot security infrastructure devices (e.g., firewalls, IDS/IPS, endpoint protection, SIEM systems).

Configure and enhance Microsoft Security solutions such as Defender for Endpoint, Intune, Conditional Access, and Defender for Office 365.

Perform Vulnerability Assessments and Penetration Testing (VAPT) on networks, applications, and cloud environments to identify and remediate potential security risks.

Utilize automated tools and develop custom scripts to identify and exploit security vulnerabilities, and recommend effective mitigations.

Conduct risk assessments, threat modeling, security audits, and incident response simulations (e.g., tabletop exercises).

Prepare and maintain Standard Operating Procedures (SOPs) and security documentation, including incident response plans and post-engagement reports.

Collaborate with the SOC team to investigate and respond to security incidents, alerts, and escalations.

Perform patch management and coordinate remediation activities with relevant stakeholders.

Develop and deliver security awareness trainings and technical sessions for clients and internal teams.

Research emerging cybersecurity threats, tools, and best practices to continuously enhance the organization’s security framework.

Any other ad-hoc cybersecurity-related tasks as required.

What we're looking :

Bachelor's degree in Computer Science, Information Security, or a related field

Minimum 5 years of experience in a cybersecurity or network security role

Proven work experience as a Cybersecurity Engineer, Network Security Engineer, or Penetration Tester.

CREST Registered Penetration Tester (CRT) or equivalent professional certification (CREST Practitioner Security Analyst – CPSA, OSCP, CEH, etc.) is required.

Strong experience in VAPT, including use of tools such as Burp Suite, Metasploit, Nmap, Nessus, Qualys, Kali Linux, and OWASP ZAP.

Hands-on experience with security systems including firewalls intrusion detection/prevention systems, endpoint protection, authentication systems, log management, and content filtering.

Proficiency in security monitoring tools and threat analytics platforms (e.g., SIEM, EDR).

Solid understanding of network security, cloud security (Azure, AWS), and identity access management principles.

Strong knowledge of security frameworks and standards such as ISO 27001, NIST, MITRE ATT&CK, OWASP Top 10, and CIS Controls.

Excellent analytical and problem-solving skills, with the ability to work effectively under pressure.

Strong report writing and communication skills, with experience presenting technical findings to both technical and non-technical audiences.

Continuous learner with a proactive approach to researching emerging threats and improving cybersecurity posture.

Trainings will be provided for further professional development and certifications.

Additional certificates such as OSCP/OSWE/OSEP/CISSP/CISM/CompTIA Security+/CySA+ will be added advantage.

Microsoft certified : Security Operations Analyst/ Azure Security Engineer Associate.

What we offer

At Konica Minolta, we are committed to providing a supportive and rewarding work environment for our employees. As a Cybersecurity Engineer, you will have access to ongoing training and development opportunities, competitive remuneration, and the chance to work with a dynamic and innovative team.

Apply now to join our team as a Cybersecurity Engineer and be a part of our mission to create a safer and more secure digital future!