Design and implement secure network architectures (e.g., segmentation, zero-trust, VPNs, firewalls) to protect data in transit and at rest.
Define security requirements for new systems, applications, and network changes.
Collaborate with infrastructure, DevOps, and application teams to embed security controls into network and system designs.
Security Monitoring & Threat Detection
Configure, maintain, and monitor security tools such as firewalls, Intrusion Detection/Prevention Systems (IDS/IPS), Network Access Control (NAC), and Security Information and Event Management (SIEM) systems.
Conduct continuous monitoring of network traffic, logs, and events to identify anomalies, intrusions, or suspicious behavior.
Develop and maintain threat intelligence capabilities to stay ahead of emerging threats.
Vulnerability Management & Penetration Testing
Perform regular vulnerability assessments, scans, and penetration tests on networked systems.
Work with red-team / pentest teams to simulate attacks and identify weak points.
Analyze vulnerability findings, prioritize risks, and follow through on remediation or mitigation efforts.
Incident Response & Forensics
Act as part of the security incident response team: investigate security incidents, contain threats, and execute recovery plans.
Conduct root-cause analysis for security breaches or anomalies.
Document incidents and post-mortem reports; propose corrective actions to prevent future recurrence.
Secure Configuration & Hardening
Define and enforce security hardening standards for servers (Windows, Linux), network devices, and databases.
Automate security configuration management and patching processes.
Maintain secure baselines and configuration checklists.
Identity & Access Management (IAM)
Implement and manage identity management solutions, user authentication, and authorization mechanisms.
Enforce least-privilege access, role-based access control (RBAC), and multi-factor authentication (MFA) in critical systems.
Regulatory Compliance & Risk Management
Ensure network and system security aligns with financial industry regulations, such as PCI-DSS, GDPR, or local banking regulations.
Support risk assessment exercises, internal audits, and external regulatory audits.
Develop and maintain security policies, standards, and procedures.
Disaster Recovery & Business Continuity
Work with operations and DR teams to design, test, and maintain secure disaster recovery (DR) and business continuity (BC) plans for critical IT infrastructure.
Participate in regular DR drills and validate the security of backup environments.
Security Projects & Continuous Improvement
Lead or participate in security projects, such as network upgrades, cloud migrations, or security tool deployments.
Research, evaluate, and recommend new security technologies and solutions.
Provide security guidance and training to other IT teams, ensuring security best practices are followed.
Documentation & Reporting
Maintain detailed documentation of network architecture, security configurations, incident response plans, and security policies.
Generate periodic security reports (e.g., risk posture, compliance status, incident trends) for management.
Prepare and deliver presentations on security status, initiatives, and metrics to senior stakeholders.
Required Skills & Qualifications
Bachelor's or Master's degree in Computer Science, Information Security, Network Engineering, or related discipline.
3-7 years of experience in network security, system security, or cybersecurity, preferably within the financial services industry.
Strong knowledge of network protocols (TCP/IP, BGP, MPLS, etc.) and network devices (routers, switches, firewalls).
Hands-on experience with security tools: firewalls, IDS/IPS, SIEM, NAC, VPN, etc.
Experience in vulnerability assessment and penetration testing.
Knowledge of identity and access management (IAM) principles and technologies.
Experience with secure configuration, patch management, and system hardening for Windows/Linux servers.
Familiarity with regulatory frameworks and compliance (e.g., PCI-DSS, ISO 27001, local banking regulations).
Strong scripting or automation skills (Python, PowerShell, Bash) to automate security tasks.
Familiarity with cloud security (if the financial institution uses cloud): securing cloud networks, cloud-native security controls.
Excellent problem-solving skills, analytical mindset, and attention to detail.
Good communication skills -- able to explain technical security concepts to non-technical stakeholders.
Preferred / Nice-to-have
Relevant security certifications: CISSP, CISM, CEH, CCNP Security, or Certified Network Security Engineer.
Experience in financial institutions (banking, fintech, insurance) and understanding financial risk models.
Knowledge of encryption technologies (TLS/SSL, PKI), data loss prevention (DLP), and key management.
Experience with cloud platforms (AWS, Azure, GCP) and securing cloud networking.
Experience with container security, microservices, and securing orchestration platforms (Kubernetes, Docker).
Familiarity with DevSecOps practices and integrating security into CI/CD pipelines.
Job Type: Permanent
Pay: RM6,500.00 - RM9,200.00 per month
Benefits:
Opportunities for promotion
Professional development
Work Location: In person