Support the documentation and maintenance of cybersecurity policies, procedures, standards, and guidelines under the guidance of the line manager
Review and assess practices across Monitoring, Incident Response, Platform Engineering, Service Management, Threat Intelligence, Red Teaming, and Penetration Testing to ensure alignment with the GSOC policy and control universe, supported by dashboards and metrics
Enrich operational practices by benchmarking against industry good practices and standards, and enhance data visibility through correlating models and structured reporting
Gather and consolidate inputs from Operating Companies (OpCos), group-level projects (e.g., Insurance studies, Risk Management initiatives, Board and Risk Committee papers) to ensure alignment across SOC operations, OpCos, and strategic initiatives
Support governance reporting by ensuring timely submission of reports to OpCos, management, and other entities, while tracking issues, gaps, and inconsistencies to closure
Continuously review and improve data sources used for cybersecurity governance, risk, and performance reporting
Assist in external GTM initiatives under the Axiata Cyber Fusion Center, including preparation of client-facing materials such as maturity assessment reports, dashboards, proposals, and presentation decks
Support client engagements by coordinating inputs, maintaining engagement trackers, and ensuring deliverables are aligned to agreed scope and timelines
Build foundational client relationship management skills by interacting with customers and partners in a professional manner, supporting follow-ups, and contributing to positive client experience during cybersecurity engagements
Collaborate with internal technical teams to translate cybersecurity findings into clear, business-focused insights for both internal and external stakeholders
Person Specifications
Up to 03 years of experience in Cybersecurity Governance, Risk and Compliance, including reporting and maturity assessments, with good knowledge of security concepts aligned to NIST Cybersecurity Framework, ISO/IEC 27001, and SOC frameworks
Bachelors degree in Information Security, Computer Science, Information Technology, or equivalent professional certifications (e.g., CISA, CISM, CRISC preferred)
Strong problem-solving and analytical skills
Good report writing and documentation skills
Good project management and coordination skills
Working knowledge of Power BI and advanced Excel modelling for dashboards and reporting
Good communication skills with the ability to interact with internal stakeholders and external clients
