jobs in Experian

全职 Security Analyst 工作, 薪水, Experian Selangor 公司招聘中 - Ricebowl

分享
保存

工作地点

  • Cyberjaya, Selangor Cyberjaya Selangor Malaysia

职位描述

岗位职责

Security Governance, Assurance & Risk Support

  • Support security governance and assurance activities, including monitoring adherence to security policies, standards, and control frameworks
  • Help with security risk assessments for projects, platforms, and services, documenting risks and recommended treatment plans.
  • Support internal and external audits (e.g. ISO 27001, SOC 2, PCI DSS), including evidence collection, control testing, and remediation tracking
  • Support control design, implementation, and operational effectiveness testing across security and IT controls

Security Metrics & Compliance Monitoring

  • Monitor security metrics, dashboards, and control performance indicators under the guidance of senior team members
  • Identify and record non‑compliance and control deviations against defined security standards, policies, and SLAs
  • Perform initial analysis of trends and recurring issues and escalate

Non‑Compliance Tracking & Remediation Support

  • Log and track security non‑conformities, findings, and control gaps
  • Work with application owners and platform teams to support agreed remediation actions
  • Track remediation progress and update records and dashboards
  • Escalate overdue or higher‑risk items following defined processes

Report & Stakeholder Support

  • Help prepare security reports, dashboards, and metrics summaries
  • Collaborate with Risk Management, Internal Audit, and Technology teams to support identification of new risks and compliance gaps
  • Contribute to continuous improvement programs to mature security processes, metrics, and reporting
  • You will be reporting to a Senior Manager
  • You will have to WFO 2 days a week as it is Hybrid working

 

  • This requirement necessitates 2-4 years of experience in an information security, IT risk, compliance, or audit role (or relevant experience) on your part.
    • You need to have understanding of security and risk frameworks such as ISO 27001, SOC 2, or NIST
    • Familiarity with security metrics, control monitoring, and compliance reporting
    • Analyse information and document findings
    • Awareness of cloud, SaaS, or enterprise platforms
  • Desirable Skills & Qualifications
    • Exposure to security audits, assurance, or compliance activities
    • Experience in regulated or data‑driven environments
    • Hands-on experience of security monitoring tools such as Panaseer, Checkmarx, *************
    • Security or risk‑related certifications e.g. ISO 27001 Lead Implementor/Auditor, CCSK, CySA+, Security+, CISA, CRISC, CISSP (or working towards)

重要安全守则

申请工作时,切勿提供您的银行或信用卡详细资料。不要转账或完成无关的在线调查问卷。如果您发现可疑内容,请举报此招聘广告。

了解更多