Position: IT Security Consultant
Job Purpose
This role is responsible for managing information risk, ensuring compliance with the security standards practised by the services/organization, providing security support for applications and projects, and preventing the unintentional, unlawful, or unauthorized disclosure, alteration, or destruction of IT resources.
KEY RESPONSIBILITIES:
• Manage operational IT security for a high-availability financial service, work on reporting and improvement, and facilitate audits and trainings.
• Drive the analysis and handling of security vulnerabilities and incidents.
• Establish, maintain and periodically review compliance with operational security processes and procedures, and ensure these are met and monitored.
• Establish, maintain and review strict access control to information and IT systems according to business needs and access policies.
• Perform Access Management activities (grant, change and revoke access privileges).
• Establish and maintain an environment that complies with the Payment Card Industry Standards & Requirements, the Information Security Management Framework and other applicable security standards and Baselines.
• Monitor and manage security controls (system settings, logs, alerts, audit trails, attempts, violations, faulty logons, lockouts, etc.)
• Work closely with client, application and infrastructure owners in applying and implementing new security changes/solutions (e.g., protection concept, security specifications, architecture and design, security assessment).
• Exposure to and work on Security Operation Center (SOC) tools, maintenance and operations support.
Preferred Skills
• Knowledge of or exposure to baseline controls, a.k.a. environmental controls, application generic controls, third-party access controls, and legal and regulatory controls.
• Understanding of and exposure to working with external auditors on ISAE 3402, PCI-DSS compliance and other mandatory standards, health and safety, ISO/IEC 27001:2005, 27002:2005 and 27005:2008.
• Maintaining mandatory standards, health and safety, ISO/IEC 27001:2005, 27002:2005 and 27005:2008
• Self-starter who can work autonomously and independently and is willing to learn and explore compliance and IT security.
• Good written and verbal communications, and ability to productively interact across internal/external stakeholders, auditors and functions.
• Broad understanding of security technology, IT security Standards and compliance.
QUALIFICATIONS:
• You have a university degree, followed by in-depth experience in the field of governance or compliance with a focus on IT security.
• Overall 8-10 years of working experience in the IT industry, with at least 5 years' experience in IT Security & Compliance.
• Self-motivated and able to work independently as well as being a team player.
• Good to have:
  - Cards and Payment domain knowledge, exposure to or understanding of PCI DSS, PCI PA-DSS, security industry standards, IT Security and Assurance, TIA knowledge/practice, infrastructure security knowledge/practice, multiple OS and AD knowledge/practice, and SIEM knowledge/practice.
  - Experience in an IT operations-related field such as IT Security, IT Admin, Disaster Recovery or maintenance of SOC tools.