Kerja Sepenuh Masa, Cyber Security Specialist di RIAmetric Federal Territory - Maukerja

Security Operations

• Monitor and investigate security events via SIEM across

cloud, corporate IT, and PowerTrack AIoT; respond to alerts

and anomalies.

• Manage vulnerability assessments and track remediation

across endpoints, cloud workloads, and IoT field devices.

• Maintain firewall, IDS/IPS, EDR, and cloud-native security

controls.

OT / IoT Security

• Implement security controls for solar farm OT environments

— inverters, SCADA, BESS management systems, BMS, and

PowerBee EV charging.

• Mitigate IT-OT convergence risks where field devices connect

to the PowerTrack cloud platform; enforce TLS, VPN, and

network segmentation.

• Conduct security reviews of PowerTrack AIoT integrations

with field devices at LSS project sites.

Application & Cloud Security

• Embed security into the Powervest fintech platform —

encryption, API security, access control, and secure financial

document handling.

• Support DevSecOps: SAST/DAST in CI/CD pipelines, secure

code reviews, and pre-launch application security

assessments.

• Manage cloud security posture (AWS/Azure): IAM, least-

privilege, NSGs, storage policies, and compliance baselines.

GRC & Incident Response

• Maintain PDPA 2024 compliance: DPO obligations, 72-hr

breach notification, cross-border transfer controls.

• Support Bursa cybersecurity disclosures and manage ISMS

toward ISO/IEC 27001 certification.

• Maintain risk register; own the Incident Response Plan; lead

tabletop exercises bi-annually.

• Liaise with NACSA on Critical National Information

Infrastructure obligations.

Security Awareness

• Deliver awareness training for corporate staff, engineering

teams, and solar site field operators.

• Run quarterly phishing simulations; guide product teams on

secure design for new platform expansions.

REQUIREMENTS

Education & Certifications

• Bachelor's in Computer Science, Information

Security, or IT.

• Certifications preferred: CompTIA Security+, CEH,

CISSP, CISM, ISO 27001 Lead Implementer/Auditor,

or GICSP.

Experience

• 3–5 years in a cybersecurity role — SOC analyst, IT

security executive, or information security

specialist.

• OT/ICS/SCADA security experience is a strong

advantage — Solarvest operates live solar

infrastructure with internet-connected field

devices.

• Fintech application security or cloud security in a

regulated environment is a plus.

Technical Skills

• SIEM/SOC: Splunk, Microsoft Sentinel, IBM QRadar,

or equivalent.

• Cloud: AWS or Azure — IAM, NSGs, Security Hub /

Defender for Cloud.

• Network: Palo Alto / Fortinet / Cisco; IDS/IPS; VPN;

IT-OT segmentation.

• Endpoint: CrowdStrike, SentinelOne, or equivalent

EDR.

• Vuln management: Nessus, Qualys, or Rapid7.

• AppSec: OWASP Top 10, Burp Suite, Checkmarx, or

SonarQube.

• Frameworks: ISO 27001, NIST CSF required; IEC

62443 (OT) is a strong advantage.

• Scripting: Python, PowerShell, or Bash.

• Regulatory: PDPA (Malaysia) 2024 Amendment —

DPO, breach notification, cross-border transfers.

Personal Attributes

• Works independently across multiple workstreams

in a fast-moving environment.

• Can translate technical risk into clear management-

level communication.

• Disciplined in documentation — audit trails,

incident records, compliance evidence.