联系我们

IT Security Senior Executive

The IT Security Senior Executive supports the organization’s cybersecurity operations, information security monitoring, and IT risk governance. This role is responsible for performing hands-on threat detection, vulnerability assessment, access management, incident response, and IT access control reviews. The Senior Executive also leads security awareness activities, executes phishing simulations, assists in risk assessments, and ensures that security policies are enforced consistently. This role contributes to enhancing FOZ One’s overall cyber maturity and strengthening the security posture across all systems and users.

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注

Ready to get started?

Contact Us

+607 598 1316 /
+6012 798 1316

marketing@fozgroup.com

NO 20, JALAN SAC 2/1, SENAI AIRPORT CITY, 81400
SENAI, JOHOR

about Us

solutions & services

Our Newsletter

For any complaints and issues of corporate governance and business integrity, please
click here.

2024 Copyright © All Rights Reserved. FOZ ONE SDN. BHD. 202301027416 (1521339-P)

error:

Apply Now →

Job Responsibilities:

Information & Data Security

  • Monitor and analyze security alerts, logs, and events across endpoints, networks, and servers.
  • Investigate suspicious activities, validate incidents, and escalate accordingly.
  • Support implementation of data, document, and web security controls.
  • Administer endpoint security tools (ESET, encryption, access control).
  • Assist with firewall and IDS/IPS rule reviews and updates as guided by senior staff.
  • Conduct periodic internal security audits targeting policy compliance and control effectiveness.
  • Investigate recurring security issues and recommend remediation actions.

 

Identity & Access Management (IAM)

  • Perform scheduled file and door access reviews to ensure proper permission assignments.
  • Identify excessive privileges, orphaned accounts, and unusual access rights.
  • Work with departments to correct misaligned access and document approvals.
  • Prepare audit evidence for internal/external assessments.
  • Validate system / application access requests against role-based access controls (RBAC).
  • Support onboarding / offboarding access processes.
  • Maintain updated access control records, permission inventories, and approval logs.

 

Security Awareness & Training

  • Develop cybersecurity awareness materials, presentations, and training content.
  • Conduct user training sessions on best security practices, phishing recognition, and incident reporting.
  • Provide advisory support to staff regarding safe cyber hygiene.

 

Phishing Simulation Program

  • Plan, execute, and monitor phishing simulation campaigns across the organization.
  • Analyze results, prepare reports, and identify departments requiring re-training.
  • Recommend initiatives to reduce user susceptibility to social engineering.

Vulnerability Assessment & Risk Management

  • Conduct vulnerability scans and validate findings.
  • Track remediation progress and follow up with system owners.
  • Evaluate IT risks and contribute to risk assessment documentation.
  • Assist in performing compliance checks against internal security standards and policies.

 

IT Security Support

  • Provide L1/L2 support for security-related incidents and escalate complex issues.
  • Troubleshoot security-related server, network, or workstation problems.
  • Support security configuration updates and system hardening initiatives.

 

IT Security Research & Development

  • Research new cyber threats, vulnerabilities, and emerging security technologies.
  • Test and evaluate new tools or techniques to enhance defensive capabilities.
  • Contribute to developing internal security best practices and procedures.

 

Documentation & Reporting

  • Prepare incident reports, vulnerability summaries, access review reports, and audit documents.
  • Maintain documentation for processes, configurations, and SOPs.

 

Job Qualification:

  • Bachelor’s Degree, Post-Graduate Diploma, or Professional Degree in Computer Science, Information Technology, or a related field.
  • Experience: Minimum 3–4 years of experience in cybersecurity or IT security operations.
  • Technical Requirements:
    • Experience with SIEM tools
    • Hands-on experience with EDR/Antivirus platforms.
    • Familiarity with IDS/IPS technologies and log analysis techniques.
    • Experience performing vulnerability scans using tools like Nessus, OpenVAS, Qualys, or similar.
    • Strong understanding of TCP/IP, DNS, DHCP, VLANs, routing, and firewall concepts.
    • Ability to interpret firewall logs, filter rules, and basic rule-set optimization.
    • Experience securing Windows Server environments, Active Directory, and Group Policy.
    • Practical knowledge of network segmentation, zero-trust concepts, and endpoint hardening.
  • Skills:
    • Strong understanding of antivirus/EDR, IDS/IPS, firewalls, and endpoint security.
    • Familiarity with SIEM tools, vulnerability scanners, and access control systems.
    • Strong analytical skills with ability to interpret security events/logs.
    • Excellent communication, integrity, and attention to detail.
    • Proactive, responsible, disciplined, and able to work independently.

Apply Now →