Job Description

Requirements

Proven experience in security architecture design, preferably by financial services or insurance industries.

Bachelor's degree in computer science, Cybersecurity, Engineering, or related discipline.

At least 8 years of experience in IT security architecture, risk management, or cybersecurity operations.

Strong knowledge of security frameworks (e.g., ISO/ IEC 27001, NIST, ISO 27001, COBIT).

Knowledge of cloud security architecture and platform (Azure preferred), and DevSecOps practices.

Experience in threat modeling, risk assessment and security control implementation.

Hands on experience with security technologies such as firewalls, SIEM, IAM, DLP, and endpoint protection.

Familiarity with regulatory requirements (e.g., PDPA, GDPR) and industry standards (e.g., PCIDSS).

Excellent analytical, problem-solving, and decision-making skills.

Experience in Agile and Waterfall methodologies and secure software development lifecycle (SDLC).

Relevant certifications such as CISSP, CISM, or SABSA is highly desirable.

Roles and Responsibilities

Lead the development and implementation of enterprise security architecture strategies, framework and mitigation plan

Design secure systems and network architecture aligned with business and regulatory requirements

Translate business and technical requirements into secure architecture solutions.

Own the security review process and produce security design blueprint for ARB and other governance forums.

Provide security architecture assurance aligned with enterprise architecture, roadmap, and standards.

Conduct threat modeling, risk assessments, and security impact analysis for new and existing solutions.

Collaborate with solution architects and development teams to ensure secure design and implementation.

Present security architecture and risk mitigation strategies to ARB Forum and other stakeholders.

Define and maintain security standards, guidelines, and reference architectures.

Evaluate new and emerging security technologies and recommend adoption where appropriate.

Stay informed on regulatory changes impacting cybersecurity within the insurance and financial domain.

Provide security architecture advisory, guidance and assurance support LIS (Local Information Security) team investigations of security breaches.

Review and endorse technical documents including impact analysis, functional design, and interface agreements from a security perspective.

Provide input to strategic direction of security investments and enterprise risk posture.

Mentor junior team members and promote security awareness across IT and business teams.

Engage with senior leadership and business users to align security architecture with business needs.

Act as the technical subject matter expert for all security-related design and decisions.

Job Type: Full-time

Pay: RM10,000.00 - RM18,000.00 per month

Benefits:

Health insurance Maternity leave Opportunities for promotion Professional development
Work Location: In person