jobs in Quess Global Malaysia

Quess Global Malaysia Hiring! Full Time Information Security Specialist (Compliance - GRC) in Federal Territory, Earn up to MYR 8,000 - Ricebowl

Information Security Specialist (Compliance - GRC)

Quess Global Malaysia

MYR6,000 - MYR8,000 Per Month

Full Time

KL City, Federal Territory

Share
Save

Working Location

  • Kuala Lumpur Federal Territory Malaysia

Job Description

Responsibilities

Position Summary

We are seeking an Information Security Specialist to strengthen our security posture and compliance readiness. This role will focus on responding to customer security RFIs, maintaining compliance with frameworks such as ISO 27001, SOC 2, and IMDA, and supporting security incident reviews and tabletop exercises. The ideal candidate will have good technical knowledge, excellent communication skills, and experience in security governance and incident response.

Key Responsibilities

Customer Security RFIs

  • Respond to customer security questionnaires and due diligence requests.
  • Collaborate with internal teams to provide accurate and timely responses.

Compliance & Certifications

  • Assist in maintaining and improving compliance with ISO 27001:2022, SOC 2, DORA, CPS230/234 and IMDA cyber security requirements.
  • Support internal and external audits, evidence collection, and gap remediation.

Security Incident Management

  • Participate in security incident reviews and root cause analysis.
  • Document lessons learned and recommend improvements to processes and controls.

Tabletop Exercises

  • Plan, coordinate, and execute security tabletop exercises with cross-functional teams.
  • Report findings and track remediation actions.

Policy & Process Support

  • Contribute to the development and maintenance of security policies, standards, and procedures.
  • Stay current with emerging threats, compliance requirements, and industry best practices.

Requirements

  • Bachelor's degree in information security, Computer Science, or related field (or equivalent experience)
  • Min 3 years in security engineering, compliance, or related roles.
  • Certifications such as CISSP, CISM, or ISO 27001 Lead Implementer are a plus.
  • Understanding of security frameworks (ISO 27001, SOC 2, IMDA, DORA, CPS230, Uk Cyber Essentials).
  • Familiarity with incident response processes and tools.
  • Experience supporting audits and compliance programs.
  • Strong documentation and evidence management skills.
  • Ability to translate technical concepts into business-friendly language.
  • Strong stakeholder engagement skills.

Nice to Have

  • Experience with cloud security (AWS, Azure, or GCP).
  • Knowledge of risk assessment methodologies.
  • Familiarity with SIEM tools and security monitoring.

Pay: RM6,000.00 - RM8,000.00 per month

Benefits:

  • Additional leave
  • Professional development

Application Question(s):

  • Do you have GRC experience within communications?
  • Do you have experience supporting audits and compliance programs?

Work Location: In person

Important Information

Never provide your bank or credit card details when applying for jobs. Do not transfer any money or complete unrelated online surveys. If you see something suspicious, Report this Job ad.

Learn More