jobs in Neuron Solutions

Kerja Sepenuh Masa, Security Architect - Security Auditor di Neuron Solutions Federal Territory - Maukerja

Security Architect - Security Auditor

Neuron Solutions

Undisclosed

KL City, Federal Territory

Kongsi
Simpan

Lokasi Kerja

  • Kuala Lumpur Federal Territory Malaysia

Penerangan Kerja

Tanggungjawab

Job Role: Security Architect / Security Auditor

Employer: An international multi-utility company that is engaged in power generation, water and sewerage services, telecommunications, digital infrastructure (data centres), and infrastructure investment holding activities.

Location: Kuala Lumpur, Malaysia

Job Type: Permanent

Working Mode: On Site / Full Time

Experience: Minimum 2+ years of hands-on experience in system security architecture, cybersecurity governance, risk and compliance (GRC), IT infrastructure, and secure system design, with experience in threat modelling, security frameworks, and cloud/hybrid environments.

Applicant: Local Malaysian citizens

JOB OVERVIEW

The company operates a central Cyber & Security ‘Governance, Risk and Compliance’ (GRC) function, supporting and leading security arrangements for a broad range of companies, including National Critical Information Infrastructure (NCII) providers in Malaysia and internationally.

The Security Architect / Auditor role will provide essential Security Architecture and GRC support to the Lead Security Architect and Security Compliance Lead. The incumbent will deliver secure system design and engineering support, champion ‘Secure by Design’ practices, and guide & support the delivery of GRC activities across the group, engaging with subsidiary companies and their security and technical specialists, conducting periodic security reviews and audits, and leading specialist projects.

JOB DESCRIPTION

  • Directly support the Lead System Security Architect and Security Compliance Lead.
  • Develop, review and implement security architectures and frameworks for IT systems, networks & applications, and OT environments.
  • Define and enforce security policies, procedures, and best practices.
  • Prepare and/or evaluate security requirements proposed for project or tender submissions.
  • Define and employ governance and risk management procedures and methodologies.
  • Define security roadmaps based on business and enterprise priorities.
  • Develop security surveillance strategies, frameworks, and procedures.
  • Develop security assessment surveys and maturity measurement methods.
  • Identify vulnerabilities and perform security risk assessments.
  • Evaluate and recommend security tools and technologies.
  • Define and manage data gathering and reporting across the Group’s subsidiaries.
  • Develop and maintain system security architecture and design standards / templates.
  • Maintain records of system architectural patterns and secure engineering solutions.
  • Work with the YTL Power Intl Cyber Security Architect to ensure all aspects of Cyber Security Operational capability are developing appropriately and to communicate threat intel across YTL subsidiaries as required.
  • Work with the YTL Power Intl Security Compliance Lead to ensure all aspects of the GRC function are planned, implemented and applied effectively.

JOB REQUIREMENTS

  • Knowledge of Threat Modelling techniques such as Mitre ATT&CK, PASTA, STRIDE and Attack Trees.
  • Knowledge of Enterprise Architecture Frameworks such as TOGAF, DODAF, Zachman / SABSA, Gartner EA, Archimate.
  • Knowledge of Standards and Control Frameworks such as NIST 800-53 Rev.5, CIS Top 18, ISO27001/2, PCI-DSS & OWASP Top Ten.
  • Detailed experience with hybrid and cloud architecture / system design and implementation.
  • In-depth knowledge of zero trust principles, network security, cloud security, cryptography, and secure software development.
  • Practical experience in NIST CSF and CIS Controls assessment and implementation.
  • Demonstrable experience delivering detailed system security design and threat modelling.Excellent written and verbal communication skills.
  • At least 2 years work experience as a System Security Architect.
  • Previous work experience in IT architecture and infrastructure.

Benefits:

  • Opportunities for promotion
  • Professional development

Experience:

  • Threat Modelling: 2 years (Required)
  • Enterprise Architecture Frameworks: 2 years (Required)
  • Standards and Control Frameworks: 2 years (Required)

Work Location: In person

Peringatan Penting

Jangan pernah kongsikan maklumat bank atau kad kredit anda semasa memohon pekerjaan. Elakkan membuat sebarang pembayaran atau mengisi survey yang tidak berkaitan. Jika ada yang mencurigakan, sila laporkan iklan pekerjaan ini segera.

Lebih Lanjut