Job Requirements:
- Implement safeguards across various public cloud platforms (e.g., Azure, AWS, Google Cloud) to ensure robust protection of systems and data.
- Design, update, and enforce internal cybersecurity policies and operational procedures.
- Conduct technical risk reviews and evaluate systems resilience to modern cyber threats.
- Coordinate security testing (e.g., code assessments, vulnerability scans, red teaming exercises) and drive remediation strategies.
- Partner with infrastructure, applications, and business teams to embed security into solution design and operations.
- Lead engagement initiatives to raise cybersecurity awareness through campaigns, phishing drills, and response simulations.
- Monitor and coordinate responses to identified risk findings in collaboration with Governance and technical teams.
- Investigate threat intel feeds and alert sources to assess and contain cyber risks; provide insights for future enhancements.
- Respond to and manage cybersecurity incidents, performing root cause analysis and recommending containment strategies.
- Possess hands-on familiarity with tools/solutions across security domains: endpoint detection, encryption, identity and access control, mobile/device management, data classification, cloud security brokers, zero trust, etc.
- Stay updated on emerging vulnerabilities and technologies to guide long-term security evolution.
- Drive procurement and lifecycle management of security products and services, ensuring effectiveness and budget alignment.
- Generate executive-level reports and submissions for internal management and external authorities (e.g., regulatory/statutory agencies).
Key Responsibilities:
- Degree-qualified in a computing, security, or related discipline, with at least 6 years of experience in cybersecurity functions.
- Strong exposure to public cloud security (AWS, Azure, M365) and industry frameworks (e.g., NIST, ISO27001/5, MTCS, PDPA).
- Knowledge of local or industry-specific compliance frameworks (e.g., IM8, ISO31000, PCI-DSS) is a plus.
- Recognised certifications such as CISSP, CISA, CISM, CEH, CHFI, or CREST are preferred.
- Strong communicator, capable of translating technical insights for senior stakeholders.
- Demonstrates sound judgement, structured thinking, and a collaborative approach.
Argyll Scott Asia is acting as an Employment Agency in relation to this vacancy.
