Wurth IT Malaysia Sdn. Bhd. Hiring! Full Time Information Security Auditor - Technical in Federal Territory - Ricebowl

About the Company

Würth IT is the internal IT service provider of the global Würth Group, a world market leader in fastening and assembly materials with operations in more than 80 countries. From Malaysia, Würth IT teams work as part of a global network, collaborating closely with international colleagues to deliver standardized, secure and reliable IT services that support business operations worldwide.

About the Role

In this role, you will be part of a global auditing team conducting information security and IT compliance audits across Würth Group companies worldwide. Your focus will be on assessing IT systems, infrastructure and security configurations to identify technical risks and control weaknesses, while working closely with process and compliance audit colleagues to build a comprehensive view of each audited environment. Based on your assessments, you will document findings, prepare clear audit reports and provide practical recommendations. The audits cover technical, physical and organizational security conditions and are aligned with established information security standards.

Responsibilities

• Plan, prepare and conduct information security and IT compliance audits for Würth Group companies worldwide
• Lead the technical part of audits, including the review of IT systems, infrastructure and security configurations
• Assess networks and technical environments for vulnerabilities and evaluate security measures such as firewall design, segmentation and related controls
• Review Windows-based environments and Active Directory-related security posture, including common attack paths and weaknesses where relevant
• Evaluate technical compliance against internal standards and established security requirements
• Independently evaluate audit results, prioritize findings and develop practical recommendations, supported by clear and professional audit reporting
• Present audit results and discuss remediation actions with audited entities and relevant stakeholders
• Follow up on corrective actions and validate remediation measures
• Work closely with colleagues responsible for the process and compliance part of the audit to provide a complete view of the audited security environment
• Take ownership of assigned audit topics and contribute to the consistent application and further development of technical audit methods, checklists and assessment standards

Qualifications

• Degree in Information Technology, Computer Science, Cyber Security, Information Security, or a comparable technical qualification
• At least 3 years of relevant professional experience in IT infrastructure, cyber security, technical audit, system administration, or a comparable technical field

Required Skills

• Strong knowledge of Windows administration and Active Directory, including familiarity with common Active Directory attack vectors such as Pass-the-Hash, Kerberoasting and BloodHound-based analysis
• Solid understanding of network security fundamentals, including firewalls, network segmentation and proxy technologies
• Practical Linux knowledge, ideally with exposure to security-oriented tools or distributions
• Practical experience in vulnerability assessment, hardening reviews, or technical security assessments is an advantage
• Certifications such as PNPT, CEH, CompTIA PenTest+, OSCP or comparable technical security certifications are an advantage
• Strong analytical skills and the ability to assess technical issues independently and formulate practical recommendations
• Strong communication, coordination and stakeholder management skills, with the ability to work effectively in English within international, cross-functional teams; Mandarin language skills are an advantage
• Willingness to travel internationally as required for audit assignments, typically around 25% of working time