Search by job, company or skills

sd guthrie berhad

Assistant Manager, Cybersecurity Architecture & Governance

sd guthrie berhad
Petaling Jaya, Malaysia, Selangor
10-12 Years
new job description bg glownew job description bg glownew job description bg svg
  • Posted 11 hours ago
  • Be among the first 10 applicants
Early Applicant

Job Description

About Us

SD Guthrie Berhad (SD Guthrie) is one of the world's leading producers of Certified Sustainable Palm Oil (CSPO), representing approximately 12% of the global market share (as of 31 December 2022). With over 84,000 employees across 12 countries, we pride ourselves on innovation, sustainability, and excellence. Our operations span the entire palm oil value chain, and we are expanding into new business verticals such as green industrial parks and renewable energy. We offer enriching career opportunities supported by cutting-edge technology and a commitment to sustainability. We are the world's first palm oil company to have our net-zero GHG emissions reduction targets approved by the Science Based Targets initiative (SBTi).

Join us today, as we continue to Unlock Nature's Superpowers.

Your Mission

1. Cybersecurity Architecture Governance, Strategy & Delivery

  • Govern enterprise cybersecurity architecture standards, principles, and reference architectures across IT, OT, and cloud environments.
  • Provide decision authority on security architecture designs, control implementations, and cybersecurity technology selections.
  • Ensure all-digital, infrastructure, and OT initiatives comply with approved cybersecurity architecture, policies, frameworks, and regulatory requirements.
  • Lead enterprise cybersecurity initiatives and transformation programs from planning through delivery, ensuring alignment with architecture, risk, and compliance objectives.
  • Own the evaluation, procurement, deployment, and lifecycle governance of enterprise cybersecurity technologies, not limited to:
  • Endpoint and network security solutions
  • Zero Trust Architecture (ZTA) and Secure Access controls
  • Data Leak / Data Loss Prevention (DLP)
  • Mobile and Cloud Security platforms
  • Define and maintain cybersecurity technology standards, configuration baselines, and system hardening requirements.
  • Provide governance oversight to crossfunctional teams (IT, OT, Operations, Risk, Compliance, Vendors)
  • Ensure cybersecurity initiatives are delivered within approved scope, timeline, and budget, with appropriate risk management and executive reporting.

2. Cyber Risk Management, Compliance & Assurance

  • Own and govern the enterprise cyber risk management framework, including risk identification, assessment, prioritization, treatment, and reporting.
  • Provide decision authority on cyber risk acceptance, compensating controls, and escalation to senior management.
  • Ensure timely remediation of highrisk vulnerabilities, audit findings, and penetration test results.
  • Oversee compliance with applicable cybersecurity regulations, standards, and frameworks (e.g., ISO 27001, NIST, CIS Controls, GDPR, and local regulatory requirements).
  • Act as a senior liaison for cybersecurity audits, regulatory inspections, and independent assessments.
  • Provide executivelevel reporting on cybersecurity risk posture, control effectiveness, and program maturity.
  • Ensure appropriate documentation, approvals, and audit trails for cybersecurity initiatives and risk decisions.

3. Cyber Analytics, Threat Intelligence & Investigation Oversight

  • Provide governance and oversight for enterprise cyber analytics, threat detection, and investigation capabilities.
  • Oversee the use of SIEM, security analytics, threat intelligence, and monitoring platforms to ensure effective detection of cyber threats and anomalous activities.
  • Guide and review cybersecurity incident investigations, including root cause analysis, impact assessment, and containment strategies.
  • Ensure cyber investigations follow approved procedures, legal, regulatory, and evidentiary requirements.
  • Review investigation outcomes, lessons learned, and corrective actions to strengthen preventive and detective controls.
  • Coordinate with internal stakeholders (IT, Legal, Risk, HR, Compliance) and external parties where required for major cyber incidents.
  • Provide executivelevel reporting on significant cyber incidents, investigation outcomes, and risk implications.

4. Leadership, Stakeholder & Vendor Management

  • Provide leadership and direction to cybersecurity engineering, operations, analytics, and investigation teams.
  • Act as a senior cybersecurity advisor to business leaders, technology leadership, and operational teams.
  • Drive consistent adoption of cybersecurity governance, accountability, and incident response discipline across the organization.
  • Manage strategic relationships with cybersecurity vendors and Managed Security Service Providers (MSSP).
  • Monitor vendor performance, SLA, KPI, and service quality, ensuring value realization and risk management.
  • Champion a strong cybersecurity culture and riskaware mindset across IT, OT, and business units.

5. Strategic Planning & Continuous Improvement

  • Monitor emerging cyber threats, threat actor trends, regulatory developments, and technology advancements impacting IT, OT, and cloud environments.
  • Define and maintain the enterprise cybersecurity roadmap aligned with business strategy and digital transformation.
  • Recommend and lead initiatives to enhance cybersecurity maturity, resilience, detection, investigation, and response effectiveness.
  • Support longterm cybersecurity capability planning, investment prioritization, and technology modernization.

Ideal Candidate

Education & Certification

  • Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field.
  • Professional certifications are strongly preferred (e.g., CISSP, CISM, CCSP, CISA, ISO 27001 Lead Implementer/Lead Auditor).

Experience

  • Minimum 1012 years of experience in cybersecurity, information security, cyber risk, or incident response roles.
  • Proven experience in cybersecurity governance, architecture decisionmaking, cyber risk management, and project leadership.
  • Strong exposure to enterprise cybersecurity technologies, including SIEM/SOC, security analytics, EDR, PAM, ZTA, DLP, and cloud security.
  • Experience overseeing cybersecurity incidents, investigations, and executivelevel reporting.
  • Experience managing cybersecurity audits, regulatory engagements, and senior stakeholder communication.
  • Exposure to OT / industrial or plantation environments is a strong advantage.

Core Competencies

  • Strong cybersecurity architecture, governance, and risk management expertise.
  • Solid understanding of cyber threat analytics, incident investigation, and response governance.
  • Excellent riskbased decisionmaking and executive communication skills.
  • Ability to lead complex, crossfunctional cybersecurity initiatives.
  • Strong vendor, budget, and performance management capabilities.
  • Strategic mindset with practical execution and assurance focus.

Why Join Us

  • Flexible Benefits Coverage
  • Hybrid Workplace
  • Learning on Demand
  • Employee Wellness Programme
  • Employee Engagement Activities
  • Fully Subsidised Sports Clubs
  • Education Assistance (terms & conditions apply)
  • Free Parking
  • Free Shuttle Service from nearest LRT
  • and many more...

Only shortlisted candidates will be notified.

Discover more opportunities with us here!

More Info

Job Type:
Permanent Job
Industry:
Other
Function:
Cybersecurity
Employment Type:
Full time

About Company

sd guthrie berhad

Job ID: 145296405

Jobs by Skill - IT
Jobs by Skill - Non IT
International Jobs
Last Updated: 01-04-2026 02:45:17 AM
Homejobs in Petaling JayaAssistant Manager, Cybersecurity Architecture & Governance