Senior Executive , Cybersecurity Operations & Governance

Senior Executive, Cybersecurity Operations & Governance at Asia Pacific University College of Technology & Innovation – Bukit Jalil, Kuala Lumpur.

• Coordinate closely between SOC, NOC, and DevOps teams to ensure a unified approach to security monitoring, incident handling, and infrastructure protection.
• Monitor and investigate alerts using SIEM tools.
• Manage and maintain firewall, VPN, and IPS/IDS systems.
• Lead and coordinate incident response activities, including root cause analysis and lessons learned.
• Conduct vulnerability assessments and penetration testing on servers, endpoints, and network infrastructure.
• Manage and enforce security controls within Microsoft Azure, Microsoft 365, and AWS environments.
• Configure and audit IAM roles, encryption policies, and virtual network security.
• Collaborate with DevOps to embed DevSecOps practices, ensuring secure builds and deployments.
• Monitor cloud compliance using Defender for Cloud, AWS Security Hub, and other cloud-native tools.

• Perform vulnerability analysis, penetration testing, and code-level security reviews for APU’s in-house developed applications.
• Conduct application-layer pentesting for external clients, delivering professional reports and remediation guidance.
• Work with developers to identify and fix security issues following OWASP Top 10 and secure coding standards.
• Integrate SAST, DAST, and dependency scanning tools into CI/CD pipelines.
• Maintain a centralized repository of test results, remediation actions, and risk ratings.
• Support client-facing security engagements, prepare pentest reports, and present findings professionally.

• Implement and maintain cybersecurity governance policies aligned with ISO 27001, ISO 21001, and PDPA.
• Maintain security risk registers, track mitigation actions, and support audits and compliance checks.
• Prepare management reports on cybersecurity incidents, risk posture, and audit readiness.
• Ensure consistent documentation and adherence to APU’s IT governance framework.
• Function as the operational bridge between SOC, NOC, and DevOps for incident management and system hardening.
• Lead coordinated vulnerability and patch management cycles.
• Collaborate with system owners and developers to enforce security-by-design principles.
• Participate in cyber drills, tabletop exercises, and security awareness programs.

• Bachelor’s Degree in Cybersecurity, Computer Science, Information Technology, or related field.
• At least 3 years of experience in cybersecurity operations, penetration testing, or infrastructure security.
• Strong technical expertise in:
• Microsoft Security Stack: Defender XDR, Sentinel, Azure AD, Intune, M365 Security & Compliance.
• Cloud Security: Azure and AWS (IAM, GuardDuty, CloudTrail, CloudWatch).
• Network Security: Check Point, WatchGuard, Sophos firewalls and VPNs.
• Application Security: OWASP Top 10, secure coding, SAST/DAST, and CI/CD pipeline integration.
• Experience in preparing formal pentest reports and client deliverables.

• Rocheston Certified Cybersecurity Engineer (RCCE)
• Microsoft Certified: Security Operations Analyst (SC-200), Azure Security Engineer (AZ-500)
• AWS Certified: Security – Specialty or Solutions Architect Associate
• Certified Ethical Hacker (CEH), CompTIA Security+ / CySA+, OSCP

We thank you for your application. Please note that only shortlisted candidates will be notified.

Be careful - Don’t provide your bank or credit card details when applying for jobs. Don\'t transfer any money or complete suspicious online surveys. If you see something suspicious, report this job ad.