Job Description

Experience:

1 to 3 years

Malaysian Only

Position Objective:

The role of the candidate is to be a part of GIS Cybersecurity team and lead the analysis of vulnerabilities .

Roles and Responsibilities:

Vulnerability Management - Work collaboratively with Product and Technology team members to identify, validate, communicate, and track vulnerabilities in AIA's assets, applications, and networks. Use intelligence feeds such as vulnerability reports and risk assessments to rate and prioritise vulnerabilities within the AIA environment. Document vulnerabilities which are discovered within the AIA estate and provide guidance on remediation and mitigations. Review vulnerabilities with AIA colleauges and technology suppliers, highlighting any vulnerabilties which need urgent remediation and analyses trend data to look at performance over time. Comfortable using tool vulnerability scanning and other security tooling. Assist with the governance of vulnerabilities such as tracking remediation, investigating the root cause of vulnerability occurrences and running initiatives to reduce vulnerabilities. Provide input and advise of any changes required to the AIA standards and SOPs. Where possible look for opportunities to automate risk assessment procedures, hands on tasks and data collection.
Candidate may be asked to be involved in additional supporting role for strategical work and security related projects.

Minimum Job Requirements:

Ideally meeting 3 or more of the below requirements:

Degree in Computer Science or related discipline. Preferable with Information Security related certifications e.g., Certified Ethical Hacker (CEH), CompTIA Security+ , Azure fundamentals, ISACA Cybersecurity Fundamentals, (ISC) Systems Security Certified Practitioner (SSCP)

1-3 years' experience working with on of the following infrastructure security, application security, cloud security, and container security.

Familiar with security testing procedures, security scanning tools, vulnerability, and compliance management.

Penetration testing is especially beneficial.

Proficiency in scanning tools such as Tennable,Veracode, Prisma, Qualys or similar vulnerability scanning tools. Relevant experience with security benchmarks, such as CIS, OWASP, SANS, etc. Familiarity with cloud-native concepts and tools e.g. Azure Kubernetes Service
Job Types: Full-time, Contract
Contract length: 12 months

Pay: RM3,470.73 - RM5,000.00 per month

Benefits:

Health insurance Professional development
Work Location: In person