This is an exciting time to join as the company accelerates its Artificial Intelligence adoption and transforms its ways of working with it. We are looking for an information security expert to join our Information Security team which is led by our Chief Information Security Officer. As an Assistant Manager – Information Security Operations, you will support the effective day-to-day delivery of security operations across the organisation, with day-to-day operational direction and prioritisation provided by the Security Operations Manager. This position is ideal for a practitioner confident working in a modern security operations environment, using sound judgment and leveraging modern tools and technologies (including AI) to improve analysis, efficiency, and problem-solving.
The Role Will Involve
- Modern Tools & Automation: Leverage AI and automation to analyze alerts, streamline workflows, and enhance decision-making.
- Security Tools & Platform Operations: Manage and operate security tools (e.g., vulnerability management, DLP, EDR), including tuning and day-to-day administration.
- Alert Monitoring & Triage: Investigate and triage alerts from internal systems and MSSPs, and track remediation actions in collaboration with the Security Operations Manager.
- Incident Response Support: Assist in incident response activities to contain threats and restore services efficiently.
- Secure Configuration Management: Define, implement, and assess secure configuration baselines across SaaS, cloud, and on-premises environments.
- Stakeholder Collaboration: Work closely with IT, Risk, Legal, and business teams to communicate risks, actions, and security requirements effectively.
Key Skills and Experience
- At least 4 years of experience in security operations, penetration testing, or incident response.
- Demonstrated ability to self-learn and stay current with evolving technologies and threat landscapes.
- Proficient in using analytical tools, including AI-enabled capabilities, to support daily operations, investigations, documentation, and structured problem-solving.
- Strong working knowledge of Active Directory; Microsoft 365 (Entra ID, Intune); Azure; TCP/IP and internet security protocols; and Windows/Linux environments (macOS is a plus).
- Experience with enterprise security operations (e.g., alert monitoring, incident response, vulnerability management, endpoint security) is advantageous but not required.
- Working understanding of Microsoft 365, cloud/SaaS security concepts, and core security operations processes.
- Ability to clearly communicate security risks and requirements to both technical and non-technical stakeholders.
- Relevant and up-to-date certifications (e.g., Security+, CISSP, CEH, or equivalent) are an advantage but not mandatory.
- Ability to converse in local languages such as Bahasa Melayu or Bahasa Indonesia is a good to have.
If you possess the necessary skills and experience, please apply with your updated CV and cover letter on past projects. We regret that only shortlisted candidate will be notified.
