jobs in Monroe Consulting Group

Kerja Sepenuh Masa, Head Information Technology Security di Monroe Consulting Group Sarawak - Maukerja

Head Information Technology Security

Monroe Consulting Group

Kongsi
Simpan

Lokasi Kerja

  • Kuching Sarawak Malaysia

Penerangan Kerja

Tanggungjawab

Monroe Consulting Group is partnering with a leading organisation in the Information Technology sector to recruit a Head Information Technology Security. This opportunity is based in Sarawak, Malaysia.


Position Overview

Lead the development, implementation, and governance of the organisation’s cybersecurity strategy, ensuring the protection of critical systems, digital assets, and sensitive information. Drive cyber resilience, risk management, compliance, and security operations to support secure, reliable, and business-critical technology services.


Key Responsibilities

A. Security Strategy & Governance

  • Develop and drive the enterprise cybersecurity strategy and roadmap aligned with industry-standard security frameworks and organisational objectives.
  • Establish, maintain, and enforce security policies, standards, procedures, and technical baselines.
  • Provide leadership on security architecture, governance, and risk management initiatives.
  • Support the protection of critical information systems and business services.


B. Cyber Defence & Security Operations

  • Lead security operations functions, including endpoint protection, threat detection, vulnerability management, and security monitoring.
  • Evaluate and implement emerging security technologies to strengthen the organisation's cyber resilience.
  • Direct cybersecurity incident response activities, ensuring timely investigation, containment, remediation, and recovery.
  • Collaborate with relevant stakeholders to maintain business continuity and operational resilience.


C. Compliance & Risk Management

  • Ensure compliance with applicable cybersecurity, privacy, regulatory, and industry requirements.
  • Coordinate security audits, penetration tests, vulnerability assessments, and risk reviews.
  • Oversee security risk management activities and the implementation of remediation plans.
  • Support backup, recovery, and disaster recovery validation processes for critical systems and infrastructure.


D. Security Automation & Integration

  • Drive the adoption of security automation and orchestration capabilities to improve operational efficiency and threat response.
  • Partner with technology teams to embed security controls throughout system development and deployment lifecycles.
  • Promote secure-by-design principles across applications, infrastructure, and cloud environments.
  • Ensure effective vulnerability remediation and security patch management practices.


E. Identity & Access Management (IAM)

  • Govern user access management processes in accordance with the principle of least privilege.
  • Oversee identity and access security controls across enterprise platforms and services.
  • Ensure appropriate authentication, authorisation, and privileged access management practices are implemented.


F. Vendor & Service Management

  • Manage relationships with cybersecurity technology vendors, service providers, and strategic partners.
  • Monitor vendor performance and service delivery against agreed service levels and security requirements.
  • Evaluate new security solutions and services to meet evolving business needs.


G. Leadership & Stakeholder Engagement

  • Lead, mentor, and develop a team of cybersecurity professionals.
  • Foster organisational awareness and adoption of cybersecurity best practices.
  • Provide regular updates to leadership on security posture, risk exposure, threat landscape, and strategic initiatives.
  • Support budgeting, technology lifecycle planning, and cybersecurity investment decisions.


Key Requirements

Qualifications & Experience

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related discipline.
  • 7–10 years of experience in cybersecurity, information security, or technology risk management.
  • Minimum 5 years of hands-on experience in cybersecurity operations, governance, risk, or compliance functions.
  • At least 3 years of leadership, people management, or supervisory experience.
  • Experience operating within complex, business-critical, and highly available environments.
  • Experience supporting multiple locations or regional operations is preferred.
  • Familiarity with enterprise architecture and governance frameworks is advantageous.
  • Professional certifications such as CISSP, CISM, CompTIA Security+, CompTIA Network+, PMP, PRINCE2, CAPM, or equivalent project management certifications are preferred.


Technical / Functional Expertise

  • Strong expertise in endpoint security and threat detection technologies.
  • Strong knowledge of Identity and Access Management (IAM) solutions and controls.
  • Experience with cloud security and enterprise infrastructure protection.
  • Expertise in security monitoring, incident response, and vulnerability management.
  • Strong understanding of network and infrastructure security.
  • Experience in security automation and orchestration capabilities.
  • Knowledge of security architecture, governance, and risk management.
  • Experience embedding security controls throughout system development and deployment lifecycles.
  • Familiarity with backup, recovery, and disaster recovery validation processes.
  • Experience managing cybersecurity technology vendors, service providers, and strategic partners.
  • Understanding of modern cybersecurity frameworks and secure-by-design principles.


Soft Skills & Leadership Competencies

  • Strong leadership and team development capabilities.
  • Excellent stakeholder management and cross-functional collaboration skills.
  • Ability to influence and engage senior leadership on security-related matters.
  • Strong analytical, problem-solving, and decision-making abilities.
  • Effective communication and presentation skills.
  • Ability to operate effectively in dynamic, high-pressure, and business-critical environments.
  • Strong planning, organisational, and project management skills.
  • Commitment to fostering a culture of cybersecurity awareness and continuous improvement.

Peringatan Penting

Jangan pernah kongsikan maklumat bank atau kad kredit anda semasa memohon pekerjaan. Elakkan membuat sebarang pembayaran atau mengisi survey yang tidak berkaitan. Jika ada yang mencurigakan, sila laporkan iklan pekerjaan ini segera.

Lebih Lanjut