Senior Executive - IT (Cyber Security IT - Perimeter Defense)


Date: 18 Jun 2025

Location: Sepang, 10, MY, 64000

Company: Malaysia Airports Holdings Berhad

Job Description

POSITION GENERAL SUMMARY

Responsible for all perimeter defense, covering Web Application and API Protection (WAAP), Intrusion Prevention System (IPS), Trusted Access Control (TAC), Microsegmentation (MS), and external Domain Name System (DNS), including the administration, management, configuration, testing, and integration tasks related to these systems.

 

ESSENTIAL POSITION FUNCTIONS

Perimeter Defense Management

  • Manage the operation, optimization, and integration of security tools including Web Application and API Protection (WAAP), Intrusion Prevention System (IPS), Trusted Access Control (TAC), Microsegmentation (MS) and other defense technology adopted in the near future. Promptly act on alerts by examining potential security and data issues.
  • Oversee the administration, configuration, management, and security of the organization’s external Domain Name System (DNS), ensuring high availability, integrity, and protection from DNS-based attacks.
  • Continuously monitor the threat landscape and ensure that perimeter and endpoint defense tools are properly tuned, updated, and configured to detect and prevent evolving threats.
  • Integration, testing, and validation of defense technologies and controls across various platforms to ensure seamless operation, threat detection, and defense-in-depth effectiveness.
  • Ensure enforcement of technical security controls aligned with internal policies and regulatory frameworks such as NIST, ISO 27001, and local/global compliance requirements.
  • Assist in initial investigation and triage of potential incidents/operational issues and escalate or close events as applicable.
  • Manage and maintain the security operations process, such as Change Management, Incident Management, Problem Management, etc. pertaining to the security system.
  • Identify potential vulnerabilities in system parameters and assess associated risks; develop and implement security strategies—such as input validation, parameterized queries, and other protective techniques—to safeguard against attacks; continuously monitor for threats and respond promptly to prevent damage.

Vendor Management

  • Manage third-party vendors and security products related to perimeter and endpoint defense, ensuring optimal performance through regular technical and service reviews.
  • Monitor vendor adherence to SLAs, KPIs, and quality expectations to ensure contractual compliance and maintain service excellence.
  • Ensure clear documentation, knowledge transfer, and operational transparency between outsourced service providers and internal security teams.
  • Facilitate joint tabletop exercises and incident simulations with vendors to evaluate their responsiveness and integration in incident response scenarios.

Team Development & Collaboration

  • Conduct structured knowledge-sharing sessions, internal workshops, and post-mortem reviews to promote continuous learning, retain organizational knowledge, and stay updated on the latest security trends.
  • Work closely with infrastructure, endpoint, and application teams to ensure seamless integration of security measures, optimize system performance, and maintain strong defenses; collaborate with cybersecurity units (e.g., Strategy, GRC) and external stakeholders to align with broader security strategies.
  • Participate in cybersecurity simulation exercises, incident response drills, threat hunting activities, and Red/Blue/Purple teaming efforts to enhance detection, response, and proactive defense capabilities.
  • Carry out responsibilities with due diligence and professional care, adhering to established standards and industry best practices.

 

Key Challenges

  • To ensure understanding and involvement from all levels of management and employees
  • To get top management commitment in compliance activities
  • To get all staff and management to adhere to policies, procedures and internal controls
  • Keeping up with the constantly evolving threat landscape

Skills

  • Strong foundational knowledge in network protocols (TCP/IP, HTTP/S, DNS, etc.) and cybersecurity principles.
  • Experience in microsegmentation, Trusted Access Controls (TAC), Intrusion Prevention System (IPS), Secure DNS and Web Application & API Protection (WAAP).
  • Expertise in implementing security architectures that integrate various security solutions (e.g., WAF, IPS, EDR) into an organization's overall infrastructure.
  • Experience in network/firewall configuration.
  • Knowledge in system, infrastructure and application architecture. 
  • Expertise in Perimeter Defense Technologies
  • Familiar with Network Security Architecture
  • Ability to analyze logs and respond to real-time threats
  • Understanding of common attack vectors and TTPs (MITRE ATT&CK)
  • Leading perimeter-related incident response
  • Root cause analysis and threat containment   

 

Education

External        

  • Degree preferably with specialization in Information Technology, Computer Science, Cybersecurity or equivalent.

 

Certification / License Requirement:

  • Industry certifications such as Certified Ethical Hacker (CEH), CompTIA Security+ and certifications related to specific security technologies (e.g., WAF, IPS, EDR) are preferred.

Relevant Industries

External        

  • Degree holder with minimum 3.0 CGPA with minimum of 3 years relevant experience.        

Unique Requirement

  • Strong foundational knowledge in network protocols (TCP/IP, HTTP/S, DNS, etc.) and cybersecurity principles.
  • Experience in microsegmentation, Trusted Access Controls (TAC), Intrusion Prevention System (IPS), Secure DNS and Web Application & API Protection (WAAP).
  • Expertise in implementing security architectures that integrate various security solutions (e.g., WAF, IPS, EDR) into an organization's overall infrastructure.
  • Experience in network/firewall configuration
  • Knowledge in system, infrastructure and application architecture.
  • Travelling and extra work (after office hours)

Additional Information

Open for Malaysian citizens only.

Please be reminded that only online applications will be entertained.

Applications should reach us by 25 June 2025.

Only the shortlisted candidate will be notified.

 


Job Segment: Network Security, Cyber Security, Compliance, Computer Science, Change Management, Security, Legal, Technology, Management
