Job Description

POSITION GENERAL SUMMARY 

• Implementing a range of security measures, including software and hardware solutions, to detect and prevent cyber threats from compromising the security and functionality of the platform.
• The scope of responsibilities includes the yearly exercise of vulnerability assessment and penetration test (VAPT),  administration, management, configuration, testing, and integration tasks related to the virtual patch management (VPM), internal vulnerability management system (IVAS), and other platform defense mechanisms adopted by MAHB in the future.

ESSENTIAL POSITION FUNCTIONS

• Vulnerability Management Strategy
  
  • Developing, implementing and managing a comprehensive vulnerability management program for MAHB which includes identifies, assesses, prioritizes, and remediates vulnerabilities in applications, servers, networks, databases, cloud environments and others including IT/OT infrastructure based on risk and potential impact.
  • Provide vulnerability management program's performance and report on its effectiveness to stakeholders, such as the board of directors, senior management, and external auditors on status of vulnerabilities, risk levels and remediation program along with strategic-insights to inform decision-making.
• Vendor & Outsourced VAPT Management
  
  • Define and monitor VAPT related deliverables in service contracts. Ensures SLAs, KPIs quality expectations are met
  • Manage vendors and service providers to evaluate and implement security solutions that enhance the organization’s vulnerability management capabilities.
• Tool and Technology Management
  
  • Manage all processes, integration and technologies focusing on vunerability and virtual patch management together with threat intelligence platforms
  • Work closely with IT, DevOps, and development teams to ensure vulnerability management is integrated into the software development lifecycle (SDLC), cloud infrastructure management, and other operational processes.
• Team Development & Collaboration
  
  • Manage and participate training programs and initiatives to raise awareness about vulnerability management, secure coding practices, and potential threats across the organization.
  • To perform duties with due diligence and professional care in accordance with professional standards and best practise
• Threat Management Analysis
  • Research, collect, and analyze cyber threat intelligence from various internal and external sources (e.g., OSINT, commercial feeds, dark web, security vendors). Identify emerging threats, attack campaigns, and adversary tactics, techniques, and procedures (TTPs) relevant to the organization. Produce actionable intelligence reports

Key Challenges

• Unable to understand about the technical impact and severity of vulnerabilities that could affected MAHB assets
• Unable to comply with MAHB Security Policy and Procedures related to vulnerability management
• Failed to play active roles in communicating and managing the vulnerability findings with stakeholders and third parties for remediation action
• Unable to prioritize the vulnerability findings by ignoring the critical vulnerabilities that actually could lead to security breaches
• Asset visibility were not comprehensively recorded, and it will allow the vulnerabilities to exist until the orphaned assets are compromised

Skills

1. Strong communication, crisis management, and cross-functional leadership skills.
2. Proficient in Bahasa Malaysia and English.
3. Good understanding of cloud security, including identifying and mitigating vulnerabilities in cloud environments such as AWS, Azure, or GCP 

Education

• Bachelor's Degree preferably with specialization in Information Technology, Computer Science, Cybersecurity or equivalent.  

Relevant Industries

• Degree with CGPA > 3.0 and minimum 3 years of cybersecurity and vulnerability management

Unique Requirements

• Regulatory frameworks: Act 854, PDPA, NACSA CNII, CAAM AVSEC Cyber Guidelines
• Threat modeling and Red/Blue/Purple team coordination 

Additional Information

Open for Malaysian citizens only.

Please be reminded that only online applications will be entertained.

Applications should reach us by 1 July 2026.

Only the shortlisted candidate will be notified.