Experian Hiring! Full Time Security Analyst in Selangor - Ricebowl

Security Governance, Assurance & Risk Support

• Support security governance and assurance activities, including monitoring adherence to security policies, standards, and control frameworks
• Help with security risk assessments for projects, platforms, and services, documenting risks and recommended treatment plans.
• Support internal and external audits (e.g. ISO 27001, SOC 2, PCI DSS), including evidence collection, control testing, and remediation tracking
• Support control design, implementation, and operational effectiveness testing across security and IT controls

Security Metrics & Compliance Monitoring

• Monitor security metrics, dashboards, and control performance indicators under the guidance of senior team members
• Identify and record non‑compliance and control deviations against defined security standards, policies, and SLAs
• Perform initial analysis of trends and recurring issues and escalate

Non‑Compliance Tracking & Remediation Support

• Log and track security non‑conformities, findings, and control gaps
• Work with application owners and platform teams to support agreed remediation actions
• Track remediation progress and update records and dashboards
• Escalate overdue or higher‑risk items following defined processes

Report & Stakeholder Support

• Help prepare security reports, dashboards, and metrics summaries
• Collaborate with Risk Management, Internal Audit, and Technology teams to support identification of new risks and compliance gaps
• Contribute to continuous improvement programs to mature security processes, metrics, and reporting
• You will be reporting to a Senior Manager
• You will have to WFO 2 days a week as it is Hybrid working

• This requirement necessitates 2-4 years of experience in an information security, IT risk, compliance, or audit role (or relevant experience) on your part.
  • You need to have understanding of security and risk frameworks such as ISO 27001, SOC 2, or NIST
  • Familiarity with security metrics, control monitoring, and compliance reporting
  • Analyse information and document findings
  • Awareness of cloud, SaaS, or enterprise platforms
• Desirable Skills & Qualifications
  • Exposure to security audits, assurance, or compliance activities
  • Experience in regulated or data‑driven environments
  • Hands-on experience of security monitoring tools such as Panaseer, Checkmarx, *************
  • Security or risk‑related certifications e.g. ISO 27001 Lead Implementor/Auditor, CCSK, CySA+, Security+, CISA, CRISC, CISSP (or working towards)