Senior Executive - IT (Cyber Security IT - Perimeter Defense)

Sepang, 10, MY, 64000

Full Time Senior-level / Expert USD 52K - 97K * ^est.

Malaysia Airports Holdings Berhad

View all jobs at Malaysia Airports Holdings Berhad

Apply now Apply later

Posted 4 hours ago

Job Description

POSITION GENERAL SUMMARY

Responsible for all perimeter defense covering web applicationand API protection (WAAP), Intrusion Prevention System (IPS), Trusted Access Control (TAC), Microsegmentation (MS), External Domain Name System (DNS) administration, management, configuration, testing, and integration tasks related to the system.

ESSENTIAL POSITION FUNCTIONS

Perimeter Defense Management

Manage the operation, optimization, and integration of security tools including Web Application and API b. Protection (WAAP), Intrusion Prevention System (IPS), Trusted Access Control (TAC), Microsegmentation (MS) and other defense technology adopted in the near future. Promptly act on alerts by examining potential security and data issues.
Oversee the administration, configuration, management, and security of the organization’s external Domain Name System (DNS), ensuring high availability, integrity, and protection from DNS-based attacks.
Continuously monitor the threat landscape and ensure that perimeter and endpoint defense tools are properly tuned, updated, and configured to detect and prevent evolving threats.
Integration, testing, and validation of defense technologies and controls across various platforms to ensure seamless operation, threat detection, and defense-in-depth effectiveness.
Ensure enforcement of technical security controls aligned with internal policies and regulatory frameworks such as NIST, ISO 27001, and local/global compliance requirements
Assist in initial investigation and triage of potential incidents/ operational issues and escalate or close events as applicable
Manage and maintain the security operations process, such as Change Management, Incident Management, Problem Management, etc. pertaining to the security system.
Identify potential vulnerabilities in system parameters and assess associated risks; develop and implement security strategies—such as input validation, parameterized queries, and other protective techniques—to safeguard against attacks; continuously monitor for threats and respond promptly to prevent damage.

Vendor Management

Manage third-party vendors and security products related to perimeter and endpoint defense, ensuring optimal performance through regular technical and service reviews.
Monitor vendor adherence to SLAs, KPIs, and quality expectations to ensure contractual compliance and maintain service excellence.
Ensure clear documentation, knowledge transfer, and operational transparency between outsourced service providers and internal security teams.
Facilitate joint tabletop exercises and incident simulations with vendors to evaluate their responsiveness and integration in incident response scenarios.

Team Development & Collaboration

Conduct structured knowledge-sharing sessions, internal workshops, and post-mortem reviews to promote continuous learning, retain organizational knowledge, and stay updated on the latest security trends.
Work closely with infrastructure, endpoint, and application teams to ensure seamless integration of security measures, optimize system performance, and maintain strong defenses; collaborate with cybersecurity units (e.g., Strategy, GRC) and external stakeholders to align with broader security strategies.
Participate in cybersecurity simulation exercises, incident response drills, threat hunting activities, and Red/Blue/Purple teaming efforts to enhance detection, response, and proactive defense capabilities.
Carry out responsibilities with due diligence and professional care, adhering to established standards and industry best practices.

Key Challenges

To ensure understanding and involvement from all level of management and employees
To get top management commitment in compliance activities
To get all staff and management to adhere to policies, procedures and internal control
Keeping up with constantly evolving threat landscape

Skills

Strong foundational knowledge in network protocols (TCP/IP, HTTP/S, DNS, etc.) and cybersecurity principles.
Experience in microsegmentation, Trusted Access Controls (TAC), Intrusion Prevention System (IPS), Secure DNS and Web Application & API Protection (WAAP).
Expertise in implementing and security architectures that integrate various security solutions (e.g., WAF, IPS, EDR) into an organization's overall infrastructure.
Experience in network/firewall configuration.
Knowledge in system, infrastructure and application architecture.
Expertise in Perimeter Defense Technologies
Familiar with Network Security Architecture
Ability to analyze logs and respond to real-time threats
Understanding of common attack vectors and TTPs (MITRE ATT&CK)
Leading perimeter-related incident response
Root cause analysis and threat containment

Education

External

Degree preferably with specialization in Information Technology, Computer Science, Cybersecurity or equivalent.

Certification / License Requirement:

Industry certification such as Certified Ethical Hacker (CEH), CompTIA Security+ and Certifications related to specific security technologies (e.g., WAF, IPS, EDR) are preferred.

Relevant Industries

External

Degree holder with minimum 3.0 CGPA with minimum of 3 years relevant experience.

Unique Requirement

Strong foundational knowledge in network protocols (TCP/IP, HTTP/S, DNS, etc.) and cybersecurity principles.
Experience in microsegmentation, Trusted Access Controls (TAC), Intrusion Prevention System (IPS), Secure DNS and Web Application & API Protection (WAAP).
Expertise in implementing and security architectures that integrate various security solutions (e.g., WAF, IPS, EDR) into an organization's overall infrastructure.
Experience in network/firewall configuration
Knowledge in system, infrastructure and application architecture.
Travelling, extra work (After office hour)