Security jobs in Malaysia

The Cyber Security Lead is responsible for planning, implementing, and managing the overall cyber security strategy for Johor Plantations Group Berhad. This role will play a crucial part in protecting the company's sensitive data, critical infrastructure (including IoT devices and industrial control systems), and reputation from cyber threats. The ideal candidate will have a strong understanding of cyber security frameworks, risk management, incident response,

• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.

• More than 5 years of experience in cyber security, with at least 2 years in a management role
• Proven track record in assurance for IT operations and compliance activities.
• Experience with security technologies such as firewalls, IDS/IPS, endpoint detection and response (EDR), SIEM, and vulnerability scanners.
• Experience in securing OT/ICS environments is highly desirable.
• Knowledge of SCADA systems, PLC security and Experience with securing IoT devices used in agriculture (e.g., sensors, drones) is highly desirable.

• Relevant certifications such as CISSP, CISM, or GIAC are preferred.
• Additional certifications such as ISO/IEC 27001.

• Strong understanding of cyber security frameworks (NIST, ISO 27001) and best practices.
• Knowledge of cyber security regulations and compliance requirements.
• Excellent communication, interpersonal, and leadership skills.
• Specific Requirements for a Plantation Company:
• Understanding of the unique security challenges faced by plantation companies (e.g., remote locations, limited connectivity).
• Ability to work with a diverse workforce, including those with limited technical skills.

• Design, implement, and maintain a comprehensive cyber security program aligned with industry best practices (NIST, ISO 27001, etc.) and business objectives. Conduct regular risk assessments to identify vulnerabilities and threats to company systems and data.

• Stay informed about emerging cyber security threats and vulnerabilities relevant to the plantation industry (e.g., smart agriculture, supply chain threats).

• Oversee the deployment and management of security tools such as firewalls, intrusion detection/prevention systems, endpoint protection, and security information and event management (SIEM) systems.
• Secure operational technology (OT) and industrial control systems (ICS) used in plantation operations.
• Manage security for cloud-based infrastructure and applications.
• Ensure proper access controls are in place for all systems and data.

• Develop and maintain an incident response plan to address cyber security incidents effectively.
• Lead incident response efforts, including investigation, containment, eradication, and recovery.
• Conduct post-incident analysis to identify root causes and improve security posture.

• Ensure compliance with relevant cyber security regulations and standards.
• Develop and deliver security awareness training programs for employees on topics such as phishing, social engineering, and password security.

• Assess and manage the security risks associated with third-party vendors and partners.
• Ensure that security requirements are included in contracts with vendors.

• Regularly review and update the cyber security program to adapt to changing threats and business needs.
• Proactively identify and implement security enhancements.

• Collaborative Culture: Work closely with diverse teams across Digital Core Solution and Digital Infrastructure departments to ensure cohesive governance practices.
• Innovative Environment: Be part of a forward-thinking organization that values continuous improvement and technological innovation.
• Professional Growth: Opportunities for ongoing training, certification, and development in digital governance, IT audit, and related areas.
• Dynamic Challenges: Engage with complex, real-world challenges in IT governance and audit processes, contributing to meaningful improvements in the digital landscape.
• Hybrid Work Opportunities: Flexible working arrangements to balance in-office collaboration and remote productivity.
• High-Impact Role: Directly contribute to enhancing organizational compliance, security, and efficiency within the digital ecosystem.
• Supportive Leadership: Benefit from a leadership team that prioritizes transparency, accountability, and mentorship.