Job Description

Job Requirements:

• Implement safeguards across various public cloud platforms (e.g., Azure, AWS, Google Cloud) to ensure robust protection of systems and data.
• Design, update, and enforce internal cybersecurity policies and operational procedures.
• Conduct technical risk reviews and evaluate systems' resilience to modern cyber threats.
• Coordinate security testing (e.g., code assessments, vulnerability scans, red teaming exercises) and drive remediation strategies.
• Partner with infrastructure, applications, and business teams to embed security into solution design and operations.
• Lead engagement initiatives to raise cybersecurity awareness through campaigns, phishing drills, and response simulations.
• Monitor and coordinate responses to identified risk findings in collaboration with Governance and technical teams.
• Investigate threat intel feeds and alert sources to assess and contain cyber risks; provide insights for future enhancements.
• Respond to and manage cybersecurity incidents, performing root cause analysis and recommending containment strategies.
• Possess hands-on familiarity with tools/solutions across security domains: endpoint detection, encryption, identity and access control, mobile/device management, data classification, cloud security brokers, zero trust, etc.
• Stay updated on emerging vulnerabilities and technologies to guide long-term security evolution.
• Drive procurement and lifecycle management of security products and services, ensuring effectiveness and budget alignment.
• Generate executive-level reports and submissions for internal management and external authorities (e.g., regulatory/statutory agencies).

Key Responsibilities:

• Degree-qualified in a computing, security, or related discipline, with at least 6 years of experience in cybersecurity functions.
• Strong exposure to public cloud security (AWS, Azure, M365) and industry frameworks (e.g., NIST, ISO27001/5, MTCS, PDPA).
• Knowledge of local or industry-specific compliance frameworks (e.g., IM8, ISO31000, PCI-DSS) is a plus.
• Recognised certifications such as CISSP, CISA, CISM, CEH, CHFI, or CREST are preferred.
• Strong communicator, capable of translating technical insights for senior stakeholders.
• Demonstrates sound judgement, structured thinking, and a collaborative approach.

Argyll Scott Asia is acting as an Employment Agency in relation to this vacancy.

Skills Required