IT Security Officer

Support and co-manage the organization’s cybersecurity controls, including endpoint protection (EDR &SIEM), email and web security, data loss prevention, threat intelligence report and cloud security, ensuring consistent performance and alignment with regulatory requirement & corporate policies.

Monitor, investigate, and respond to security alerts and incidents.

Perform routine maintenance and optimization of information security tools, including:

• Verify agent health, signature updates, and coverage across all assets
• Ensuring complete ingestion of log sources.
• Reviewing platform health and alert tuning.
• Maintaining up-to-date operational documentation

Coordinate and oversee VAPT performed by external vendors, ensuring findings are addressed and fixes implemented within agreed timelines.

Conduct regular vulnerability scans track remediation progress with infrastructure and application owners, and ensure vulnerabilities are addressed within agreed timelines.

Engage in communication with vendors in order to resolve issues, including coordinating with vendors for the execution of projects.

Execute, maintain, and enhance IT Security Operating Compliance Manual, ensuring all processes, baselines, and guidelines remain current and effective.

Work closely with other IT functions and business stakeholders to close identified cybersecurity gaps and support remediation initiatives.

Assist the IT Team in managing and keeping track of the company's information technology asset.

Conduct phishing simulation campaigns and deliver security awareness sessions to promote a strong security culture across the organization.

Stay updated on emerging threats, security tools, and industry trends, and recommend relevant improvements to strengthen the organization’s cybersecurity posture.

Assist Senior IT Security Officer in internal and external audits

Engage in collaborative efforts with Senior IT Security Officer to conduct a security assessment of the architecture of newly introduced services.

Good grasp of cybersecurity fundamentals.

Basic knowledge of IT infrastructure, including servers, storage, networking, and endpoint systems.

Basic knowledge of network technologies such as routing, switching, wireless and VPN solutions.

Familiar with system administration and maintenance across Windows/Linux and cloud-based environments.

Exposure to incident handling processes and cybersecurity operations.

Exposure to regulatory expectations.

Independent, proactive, and reliable in managing assigned tasks.

Degree/Diploma in Information Security, Computer Science, or related field.

At least 3 years of experience in IT security.

Hands-on experience with security tools such SIEM & EDR platform, IDS/IPS, DLP, WAF and stateful firewall.

Relevant certifications (CC,SSCP, GIAC, CCOA, CCSK, CompTIA Security+) will be an advantage.

Your application will include the following questions:

Which of the following statements best describes your right to work in Malaysia? What's your expected monthly basic salary? Which of the following types of qualifications do you have? How many years' experience do you have as an Information Technology Security Officer?