Implement information security policies, procedures and best practices to ensure compliance with security and data protection standards, including ISO 27001, TISAX, GDPR, PDPA, and other relevant regulations
Conduct risk and vulnerability assessments, identifying and mitigating potential threats
Monitor and respond to cybersecurity incidents, ensuring appropriate resolutions and preventive measures
Conduct training programs and workshops to promote IT security awareness
Work in cross-functional teams and business projects to provide IT and security reviews to ensure requirements are met
Governance and Risk Management
Review, localise, implement, and monitor IT governance directives, policies, procedures and ensure appropriate documentation
Manage users' account life cycle including users' account creation, removal, and access rights reviews across various systems
Support risk management activities, ensuring security controls are implemented including business continuity management
Requirements
Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field.
2-5 years of experience in IT security, governance, risk assessment and management, vulnerability management or compliance.
Knowledge of security frameworks and standards (such as ISO 27001, TISAX, GDPR, PDPA), access management, identity management, and IT security tools.
Strong structural, analytical, interpersonal and communication skills
Good team player and willing to work in a multicultural environment
Certifications such as CISSP, CISM, CEH, CompTIA Security+, or ITIL are an advantage