Consultant Cybersecurity & Infra (Technical)

Greetings from Velesto Energy Berhad!

We are excited to welcome a highly experienced professional to our Digital, Technology and Information (DTI) Team and look forward to the expertise you will bring to the organization.

ABOUT THE ROLE

The Consultant – Cybersecurity & Infra (Technical) is responsible for the hands on, support, and monitor the delivery of cybersecurity and managed services activities, ensuring services are stable, secure, and aligned to SLA/KPI targets. The role execute and supports day-to-day BAU cybersecurity activities across environment, end-user computing, and security domains, ensuring proper execution by vendors, compliance with standards, and timely resolution of operational issues.

KEY ACCOUNTABILITIES

Cybersecurity & Infrastructure Service Monitoring

• Support and track day-to-day cybersecurity, infrastructure, and managed services performance, availability, and service health.

SLA / KPI Compliance

• Monitor and validate adherence to service levels, operational targets, and agreed vendor commitments.

Cybersecurity Implementation Support

• Support execution and tracking of security controls, remediation, and compliance activities.

Incident Coordination & Recovery

• Support timely resolution, escalation, recovery coordination, and RCA follow-up for service and security incidents.

Vendor & Managed Services Performance Monitoring

• Track vendor delivery against contractual scope, SLA/KPI requirements, and agreed service obligations.

BAU Service Improvement Support

• Support initiatives to reduce recurring incidents, improve resilience, and strengthen cybersecurity and infrastructure service quality.

KEY RESPONSIBILITIES

Cybersecurity & Infrastructure Services (BAU Monitoring & Support)

• Coordinate and support daily BAU activities across cybersecurity, infrastructure, managed services, and end-user service environments.
• Monitor system availability, performance, capacity, service health, and operational alerts across servers, network, storage, virtualization, cloud, and security platforms.
• Support 24x7 monitoring and incident response coordination to ensure service continuity, stability, and timely escalation.
• Assist in ensuring cybersecurity and infrastructure services meet operational standards, SLA/KPI requirements, and agreed governance expectations.

Cybersecurity Implementation & Monitoring

• Support implementation and monitoring of cybersecurity controls including firewall, endpoint security, EDR/XDR, SIEM, vulnerability management, patching, and access security.
• Track security incidents, alerts, vulnerabilities, remediation actions, and compliance gaps through to closure.
• Support coordination of security incident response, escalation, containment, RCA input, and post-incident follow-up activities.
• Monitor patching, vulnerability remediation, system hardening, configuration improvement, and security control effectiveness.
• Assist in ensuring compliance with cybersecurity policies, standards, audit requirements, and operational evidence requirements.

Incident, Problem & Service Management

• Support the incident management lifecycle including logging, classification, prioritisation, tracking, escalation, resolution, and closure.
• Monitor incident response and resolution performance against SLA targets, operational priorities, and service criticality.
• Assist in coordinating Major Incident Management for critical cybersecurity, infrastructure, and business-impacting service issues.
• Support RCA preparation, preventive action tracking, and follow-up on recurring incidents or unresolved technical issues.
• Track incident trends, recurring issues, risk patterns, and improvement opportunities across cybersecurity and infrastructure services.

End-User Computing & Workplace Technology Support

• Support and monitor end-user device lifecycle activities including provisioning, refresh, troubleshooting, decommissioning, and endpoint compliance.
• Coordinate onboarding, offboarding, access requests, endpoint readiness, and workplace technology support activities.
• Monitor device performance, support response, endpoint protection status, and service quality across workplace technology services.
• Support asset tracking, lifecycle reporting, compliance evidence, and documentation for end-user devices and workplace technology services.

Vendor & Managed Services Monitoring

• Act as coordinator between DTI, cybersecurity service providers, infrastructure service providers, and managed service partners.
• Monitor and track SLA/KPI performance, MTTR, service quality, contractual deliverables, and action closure status.
• Support vendor escalations, technical clarifications, issue resolution, and follow-up of pending service actions.
• Assist in monthly service reviews, reporting, performance tracking, service improvement discussions, and evidence preparation.

Backup, Disaster Recovery & Service Resilience

• Support execution and monitoring of backup, restore, and recovery processes across critical systems, infrastructure, and managed service environments.
• Assist in coordinating disaster recovery drills, recovery testing, technical validation, and remediation follow-up activities.
• Track backup success rates, failed jobs, recovery readiness, recovery test outcomes, and related corrective actions.

Change, Patch & Release Support

• Support change, patch, and release coordination for cybersecurity, infrastructure, cloud, endpoint, and managed service environments.
• Monitor patching, system updates, vulnerability fixes, configuration changes, and post-change validation activities.
• Assist in ensuring changes follow DTI governance, approval, testing, rollback, documentation, and communication requirements.

Documentation, Reporting & Governance

• Maintain and update technical documentation, SOPs, runbooks, configuration records, operational checklists, and support procedures.
• Support preparation of SLA/KPI dashboards, cybersecurity reports, infrastructure service health reports, and BAU operational updates.
• Assist in audit, compliance reporting, governance tracking, risk evidence preparation, and service management reporting.
• Ensure proper documentation of incidents, changes, patches, vulnerabilities, backup status, vendor actions, and operational activities.

KEY SERVICE METRICS (Monitored KPIs)

• SLA compliance and service availability
• System uptime, service health, performance, and capacity indicators
• Mean Time to Respond and Mean Time to Resolve
• Incident volume, severity, recurrence, ageing, and closure status
• Patch compliance, vulnerability closure, and security remediation status
• Backup success rate, failed jobs, and recovery readiness
• Vendor SLA/KPI performance, action closure rate, and service quality
• End-user service quality and CSAT, where applicable

EDUCATION

• Bachelor's Degree in Information Technology, Computer Science, Engineering, Cybersecurity, or related discipline.

EXPERIENCE

• Minimum 5–7 years of hands-on experience in cybersecurity services, infrastructure services, managed services, or technical BAU support.
• Practical working knowledge of infrastructure environments including servers, network, cloud, storage, virtualization, backup, and endpoint platforms
• Practical working knowledge of cybersecurity tools and controls such as EDR/XDR, firewall, SIEM, vulnerability management, patch management, and access security.
• Familiarity with ITIL processes including Incident, Problem, Change, Request, and Service Level Management.
• Ability to interpret SLA, KPI, SOW, operational reports, vendor performance reports, and technical remediation plans.
• Good coordination, documentation, analytical, and follow-up skills to support BAU service delivery, incident closure, vendor coordination, and governance requirements.

CONTRACT PERIOD

Six (6)-month consultancy contract, renewable subject to business and project requirements.