Talent.com
Vulnerability & Security Posture Management Engineer
Vulnerability & Security Posture Management EngineerThe British American Tobacco Group • SelangorMalaysia, Selangor, Malaysia
No longer accepting applications
Vulnerability & Security Posture Management Engineer

Vulnerability & Security Posture Management Engineer

The British American Tobacco Group • SelangorMalaysia, Selangor, Malaysia
30+ days ago
Job description

Overview

BAT is evolving at pace into a global multi-category business. Our purpose is to create A Better Tomorrow™ by Building a Smokeless World. To achieve our ambition, we are looking for colleagues who are ready to join us on this journey! Tomorrow can’t wait, let’s shape it together! BAT Digital Business Solution has an exciting opportunity for a Vulnerability & Security Posture Management Engineer in Subang Jaya.

Responsibilities

  • Security Posture Management : Develop and implement continuous monitoring and enforcement of security configurations and policies across various platforms, leveraging tools like Microsoft E5 capabilities (e.g., Defender External Attack Surface Management, Defender for Identity, Defender for Endpoint, Defender for Office 365, Defender for Cloud Apps). Drive the reduction of configuration drift and ensure compliance with BAT security and technical standards, and external regulations.
  • Vulnerability Management : Lead the execution and optimization of vulnerability scanning using Qualys and other tools. Analyze, prioritize, and report on vulnerabilities based on risk, exploitability, and business impact. Proactively monitor threat intelligence feeds and advisories (e.g., CVE, CISA, NCSC, vendor bulletins) to stay current on emerging vulnerabilities and exploits. Collaborate with IT and BAT partners to ensure timely and effective remediation efforts are implemented and tracked.
  • Attack Surface Management : Continuously discover and inventory all internal and external assets, including cloud resources, to maintain a comprehensive view of the attack surface. Monitor for changes in the attack surface and proactively assess new exposures.
  • Reporting & Strategy : Generate clear, actionable reports and dashboards for technical teams and leadership detailing vulnerability status, trends, and risk reduction over time. Contribute to the strategic planning and selection of security tools and technologies.

Qualifications

  • Experience : Minimum 3+ years of experience in information security, with hands-on focus on vulnerability management, threat analysis, or security posture management.
  • Technical skills : Deep hands-on experience with commercial and open-source security tools, including Qualys (or similar platforms like Tenable / Rapid7); Microsoft E5 Security Stack (e.g., Defender for Endpoint, Defender for Identity, Defender for Cloud Apps) and Microsoft Exposure Management; Cloud (e.g., Azure, AWS).
  • Understanding : Knowledge of threat intelligence sources (e.g., CVE, CISA, vendor advisories) and how to apply them to remediation efforts.
  • Communication : Strong ability to translate raw technical data into business-relevant risk and remediation priorities; excellent communication, collaboration, and project management skills to drive cross-functional security initiatives.

    • What we offer

  • Market-leading annual performance bonus (subject to eligibility).
  • Benefits vary by country and include health plans, work-life balance initiatives, transportation support, and a flexible holiday plan with additional incentives.
  • Opportunities for internal advancement with a focus on your development; access to online learning platforms and personalized growth programs to nurture leadership skills.
  • Continuous improvement within a transformative environment to prepare for ongoing changes.

    • Why join BAT?

    We’re one of the few companies named as a Global Top Employer by the Top Employers Institute. Collaboration, inclusion and partnership underpin everything we do. We enable every individual to thrive, regardless of background, and support career breaks through The Global Returners program. Learn more about our culture and employee experience here. If you require any reasonable adjustments during recruitment, please notify us. We are committed to supporting you.

    #J-18808-Ljbffr

    Create a job alert for this search

    Security Engineer • SelangorMalaysia, Selangor, Malaysia

    Similar jobs
    Vulnerability & Security Posture Management Engineer

    Vulnerability & Security Posture Management Engineer

    BAT • Kuala Lumpur, Kuala Lumpur, Malaysia
    Vulnerability & Security Posture Management Engineer.BAT Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia.BAT Digital Business Solution has an exciting opportunity for a Vulnerability & Se...Show more
    Last updated: 30+ days ago • Promoted
    Security Engineer (Project)

    Security Engineer (Project)

    Orange Business • Kuala Lumpur, Kuala Lumpur, Malaysia
    Orange Business is a network and digital integrator that understands the entire value chain of the digital world, freeing customers to focus on strategic initiatives. With over 30,000 employees worl...Show more
    Last updated: 30+ days ago • Promoted
    Senior Cybersecurity Engineer : Cloud & SaaS Security Lead

    Senior Cybersecurity Engineer : Cloud & SaaS Security Lead

    Mindvalley, Inc. • Shah Alam, Selangor, Malaysia
    A growth-oriented tech company in Malaysia is seeking a Cybersecurity Senior Engineer to lead and enhance their cybersecurity initiatives. This role requires expertise in GCP security, vulnerability...Show more
    Last updated: 11 days ago • Promoted
    Security Engineering Leader : Cloud, DevSecOps & Compliance

    Security Engineering Leader : Cloud, DevSecOps & Compliance

    Krisvconsulting Services Pte Ltd • Kuala Lumpur, Kuala Lumpur, Malaysia
    A leading consulting firm is looking for a Head of Security Engineering to lead the design and implementation of security infrastructure. The ideal candidate will have over 10 years in cybersecurity...Show more
    Last updated: 7 days ago • Promoted
    Senior SecOps Engineer : Threat Hunting & IR Lead

    Senior SecOps Engineer : Threat Hunting & IR Lead

    Barry Callebaut • Petaling Jaya, Selangor, Malaysia
    A leading company in the food industry is seeking a Senior Security Engineer SecOps to enhance its cybersecurity posture. This role involves coordinating incident response, analyzing security threat...Show more
    Last updated: 7 days ago • Promoted
    Cloud Security Engineer

    Cloud Security Engineer

    ITC Infotech • Kuala Lumpur, Kuala Lumpur, Malaysia
    Senior) Security Engineer, Security Engineering & Threat Intelligence.ITC Infotech, Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia. ITC Infotech is a wholly owned ITC Ltd company that pro...Show more
    Last updated: 30+ days ago • Promoted
    Site Reliability Engineer (SRE)

    Site Reliability Engineer (SRE)

    Encora Inc. • Kuala Lumpur, Kuala Lumpur, Malaysia
    Site Reliability Engineer (SRE).Manage, operate, and optimize VMware Cloud Foundation (VCF) environments.Configure and maintain vCenter, ESXi clusters, and vRealize Suite components (vROps, vRA, vR...Show more
    Last updated: 21 days ago • Promoted
    Security Engineer

    Security Engineer

    PayNet (Payments Network Malaysia) • Kuala Lumpur, Kuala Lumpur, Malaysia
    Lead security solution initiatives, from architecture, design, deployment to operationalizing and other technical security assessment and implementation (at various layers).Ensure sound security pr...Show more
    Last updated: 23 days ago • Promoted
    Senior Engineer, Cloud Security Operations

    Senior Engineer, Cloud Security Operations

    Gokardz • Kuala Lumpur, Kuala Lumpur, Malaysia
    Administer and manage cloud-native network security controls such as Azure Network Security.Groups (NSGs), AWS Security Groups, and cloud firewall policies. Oversee secure network connectivity betwe...Show more
    Last updated: 30+ days ago • Promoted
    Team Lead - Security Engineering

    Team Lead - Security Engineering

    TG Malaysia • Kuala Lumpur, Kuala Lumpur, Malaysia
    Assistant Manager - Regional Recruitment at TG Malaysia | APAC Talent Acquisition Leader | Driving Cross-Border Hiring Strategies. Work within established practices and represent Security Engineerin...Show more
    Last updated: 4 days ago • Promoted
    IAM Security Ops Engineer - 24 / 7 Access & Incident Response

    IAM Security Ops Engineer - 24 / 7 Access & Incident Response

    Eli Lilly and • Petaling Jaya, Selangor, Malaysia
    A leading global healthcare company is seeking a Security Ops Engineer in Petaling Jaya, Malaysia, to oversee identity and access management systems. This crucial role involves incident management, ...Show more
    Last updated: 3 days ago • Promoted
    Security Engineer

    Security Engineer

    Career Horizons • Kuala Lumpur, Kuala Lumpur, Malaysia
    We collaborate with leading financial institutions and industry partners to provide innovative and accessible financial solutions. Grown into a trusted financial services provider, offering a wide r...Show more
    Last updated: 30+ days ago • Promoted
    Resident Engineer (Cyber Security)

    Resident Engineer (Cyber Security)

    Bright Nexus (M) Sdn Bhd • Kuala Lumpur, Kuala Lumpur, Malaysia
    The primary focus of the Resident Engineer is to provide technical support, able to deliver “best-practices” and performing technical operation to selected customers. The candidate should display an...Show more
    Last updated: 30+ days ago • Promoted
    Cloud Security Engineer

    Cloud Security Engineer

    The Access Group • Kuala Lumpur, Kuala Lumpur, Malaysia
    We are seeking an experienced Cloud Security Engineer to lead our cloud infrastructure security initiatives as part of our Infrastructure Vulnerability Management program.This role focuses on secur...Show more
    Last updated: 30+ days ago • Promoted
    Cloud Security Engineer : Multi-Cloud Safeguard & DevSecOps

    Cloud Security Engineer : Multi-Cloud Safeguard & DevSecOps

    The Access Group • Kuala Lumpur, Kuala Lumpur, Malaysia
    A leading cloud security solutions provider in Kuala Lumpur seeks an experienced Cloud Security Engineer to secure multi-cloud environments, focusing on Azure, AWS, and Google Cloud Platform.The id...Show more
    Last updated: 15 days ago • Promoted
    Security Engineer (SOC L2 / L3 – Chronicle SIEM & SOAR)

    Security Engineer (SOC L2 / L3 – Chronicle SIEM & SOAR)

    Accenture Southeast Asia • Kuala Lumpur, Kuala Lumpur, Malaysia
    Security Engineer (SOC L2 / L3 – Chronicle SIEM & SOAR).Apply security expertise to design, build, and protect enterprise systems, applications, and processes. Provide SOC Level 2 and Level 3 support,...Show more
    Last updated: 30+ days ago • Promoted
    Cloud Security Engineer

    Cloud Security Engineer

    Accenture Southeast Asia • Kuala Lumpur, Kuala Lumpur, Malaysia
    Design, implement, and manage security solutions for cloud environments (e.Develop and enforce cloud security policies, standards, and best practices. Monitor and respond to security incidents and v...Show more
    Last updated: 30+ days ago • Promoted
    Senior Security Engineer Sec Ops

    Senior Security Engineer Sec Ops

    Barry Callebaut • Petaling Jaya, Selangor, Malaysia
    Senior Security Engineer SecOps,.Director of Security Operations.Your responsibilities will include coordinating incident response, improving security configurations and integrations of the SOC too...Show more
    Last updated: 30+ days ago • Promoted