Cyber Security Engineer - Contract 12 Months

Role Overview

We are looking for an experienced Security Engineer to support technology and cybersecurity risk governance, risk management, and compliance activities. This role works closely with internal teams to ensure cybersecurity practices, policies, and controls meet regulatory requirements and industry standards.

Key Responsibilities

Technology & Cybersecurity Risk Governance

Support the maintenance of technology risk governance frameworks and related certifications.

Assist with compliance activities related to regulatory requirements, including Bank Negara Malaysia (RMiT).

Contribute to the development and review of IT and Cybersecurity Risk Appetite statements.

Provide oversight on technology and cybersecurity risk controls.

Support governance forums such as the Information Security Working Committee.

Technology & Cybersecurity Risk Management

Conduct regular risk and control assessments across key technology and cybersecurity areas.

Document and report risk findings, including recommended actions for stakeholders.

Track and manage open risk issues to ensure timely resolution.

Prepare key risk metrics and reports for management.

Support internal and external audits and regulatory assessments.

Perform third-party security risk assessments and monitor supply chain security risks.

Track audit findings and ensure closure of remediation actions.

Monitor external threat intelligence and escalate emerging risks when needed.

IT & Cybersecurity Policies

Support the review and maintenance of information security policies, standards, and procedures.

Assist with policy approvals, training, and communication to relevant teams.

Monitor compliance with cybersecurity policies across the IT department.

Recommend improvements to policies and procedures to strengthen security and efficiency.

Requirements

Bachelor's degree in Computer Science, Computer Engineering, Information Systems, or a related field.

Minimum 8 years of experience in information security or cybersecurity risk management (experience in the financial industry is preferred).

Experience working with financial regulators such as Bank Negara Malaysia.

Strong understanding of IT governance, enterprise risk management, and cybersecurity frameworks.

Familiarity with cloud technologies and modern IT operations.

Professional certifications such as CISSP, CISA, CISM, CRISC, or CGEIT are an advantage.

Strong analytical thinking and ability to assess complex technology risks.

Excellent communication skills, able to engage both technical and non-technical stakeholders.

Self-motivated, detail-oriented, and able to work independently as well as in a team.

High integrity and ability to work with minimal supervision.