1. Core Purpose of the Role
regulatory requirements (BNM RMiT, ISO, NIST, etc.) into enforceable security controls, SOPs, and system configurations
continuous compliance while strengthening the overall security posture of the organization.
2. Key Responsibilities
Vulnerability Assessments & Penetration Testing (VAPT), vulnerability scans, configuration reviews.
via SOC reports, logs, alerts (firewalls, IDS / IPS, EDR, PAM, VPN, etc.).
cloud security controls (AWS, Azure) and maintain security baselines.
Identity & Access Management (IAM), especially around privileged access.
security SOPs, baselines, and compliance documentation
incident response and coordinate remediation activities.
security architecture design, secure configurations, and technology adoption (e.g., Zero Trust, NGFW, XDR, SOAR).
BNM RMiT and other compliance requirements.
3. Required Experience & Certifications
in IT security operations, compliance, and infrastructure security
security compliance & regulatory audits
with: financial institutions (FSI) or large-scale hybrid cloud environments
CEH, CISSP, CISM (must-have), Cloud Security (AWS / Azure) (nice-to-have).
4. Soft Skills & Leadership
lead security projects and provide technical leadership
problem-solving, analytical, and documentation skills
stay ahead of evolving cyber threats and propose innovative solutions.
Technical Compliance • Petaling Jaya, Selangor, Malaysia