Job Description

ourteam is seeking an experienced and proactive Security Engineer for a mid-sized technology company focused on IT infrastructure and cybersecurity. In this role, you will be responsible for ensuring the security, integrity, and availability of the organization's infrastructure and data. You will work to implement, monitor, and maintain security systems, processes, and protocols to safeguard against unauthorized access, cyber threats, and vulnerabilities. The ideal candidate will have hands-on experience in IT security, a solid understanding of network and system security, and a passion for staying ahead of emerging threats.

Key Responsibilities

:

Security Architecture and Design

: Design, implement, and maintain security architecture for networks, servers, storage, and cloud environments, ensuring best practices are applied to protect infrastructure and sensitive data.

Threat Detection & Incident Response

: Develop and deploy threat detection systems and perform proactive threat hunting. Respond to security incidents and provide post-event analysis to improve defenses.

Security Monitoring

: Continuously monitor and assess security systems, identify potential threats or vulnerabilities, and take immediate action to address them.

Security Protocols & Standards

: Define and enforce security protocols, policies, and compliance standards (e.g., ISO 27001, NIST, GDPR, PCI DSS, RMiT). Ensure systems are compliant with industry-specific regulations and organizational requirements.

Vulnerability Management

: Conduct regular vulnerability assessments, penetration testing, and risk analysis. Collaborate with teams to mitigate risks through patch management and system hardening.

Disaster Recovery & Business Continuity

: Collaborate with other IT teams to implement and test disaster recovery plans and backup strategies to minimize downtime and ensure continuity in case of an attack or system failure.

Collaboration & Vendor Management

: Work closely with cross-functional teams (e.g., infrastructure, development, network) to integrate security practices into all phases of IT operations. Manage third-party security vendors and ensure service level agreements (SLAs) are met.

Security Documentation & Reporting

: Maintain accurate and up-to-date security documentation, including system configurations, vulnerability management records, incident response protocols, and security audits. Provide regular reports to senior management on security posture.

Continuous Improvement & Training

: Stay updated on the latest security threats, vulnerabilities, and technologies. Propose and implement enhancements to improve the security posture of the organization. Provide security awareness training to staff as needed.

Vulnerability Assessment & Penetration Testing (VA/PT)

: Conduct regularvulnerability assessments (VA) and penetration testing (Pentest)to identify security weaknesses. Analyze findings, prioritize risks, and collaborate with relevant teams to remediate vulnerabilities through patching and system hardening.

Educational Requirements

:

Minimum of 5 credits in Sijil Pelajaran Malaysia (SPM), including Bahasa Melayu, English, and Mathematics. A degree in Information Technology, Cybersecurity, or a related field is required.

Professional Certifications (is preferred)

:

Candidates should have one or more of the following certifications: Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) Certified Information Security Manager (CISM) CompTIA Security+ Certified Cloud Security Professional (CCSP)

Experience

:

3-5 years of hands-on experience in IT security, cybersecurity, or network security roles. Strong experience in securing network infrastructure, servers, cloud platforms (e.g., AWS, Azure), and virtualization environments. Familiarity with security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and SIEM solutions. Knowledge of security vulnerabilities and threat vectors (e.g., zero-day exploits, DDoS attacks, social engineering). Experience in performing security audits, vulnerability scanning, and penetration testing.

Additional Skills

:

Strong understanding of information security frameworks and best practices. Proficiency in scripting or programming languages such as Python, Bash, or PowerShell is a plus. Excellent communication and collaboration skills. Experience with cloud security tools and frameworks (e.g., AWS Security, Azure Security Center). Ability to work in a fast-paced, dynamic environment with a focus on continuous improvement. Certifications and Skills (Preferred): ITIL or PMP certifications Cloud certifications (e.g., AWS Certified Security Specialty, Microsoft Certified: Azure Security Engineer Associate) Experience with security operations center (SOC) processes and procedures. Knowledge of compliance standards such as ISO 27001, SOC 2, GDPR, and PCI-DSS.

Other Relevant Skills

:

Professional certifications related to cybersecurity, risk management, and infrastructure security will be highly valued. Knowledge of advanced security tools and techniques, along with a passion for keeping up with the evolving cybersecurity landscape, will make you a strong candidate for this role.

Annual Increment & Performance Bonus Medical Insurance, Optical & Dental Coverage Hybrid Working Environment
Job Type: Full-time

Pay: RM10,000.00 per month

Work Location: In person