Job Title: Information Security Engineer
Duration: 12 months contract
Location: Kuala Lumpur, Malaysia
Overall years of experience: 4-7 years
Relevant years of experience: 4+ years
Domain: Insurance
Job Description -
About: Assist in managing activities related to our Third Party Management (TPM) system and Third Party Security Assessment (TPSA) processes.
Must for this role: (MANDATORY)
- Review and assess vendor compliance against internal Information Security policies and control standards
- Map assessment findings against applicable security policies, standards, and regulatory requirements
- Identify policy gaps and control weaknesses during TPSA reviews
Scope of Work:
- TPM (Third Party Management) Requests -
- Handle and review TPM requests
- Update local TPM inventory
- Determine TPSAtype & next action
- Manage email communications and follow-up
2. TPSA (Third Party Security Assessment) -
- Prepare TPSA application forms
- Coordinate with EY for TPSA assessments (New / Reassessment / Reverse TPSA)
- Create shared folders for EY documentation
- Conduct due diligence and complete required TPSA forms
- Review previous TPSA risk reports to track open issues
3. Inventory & Reporting
- Update local & GIS inventories (monthly)
- Maintain Power BI TPSA dashboard
- Prepare TRSForum slides
- Publish updated dashboards, charts & reports
Prerequisites / Skill Requirements:
- Ability to install and use Power BI
- Familiarity with TPSA processes & due diligence
- Strong communication skills
- Experience in email coordination, stakeholder follow-ups & reporting
