Monroe Consulting Group is partnering with a highly established Government-Linked Company (GLC) with a robust footprint in the consumer, logistics, and technology sectors. Our client is recognized for driving transformative initiatives, embracing innovation, and delivering long-term value to stakeholders.
We are looking for an experienced and motivated IT Security Lead to drive the overall cybersecurity strategy and execution across the organization. This role ensures the protection of systems, data, and infrastructure through robust governance, continuous risk management, and proactive security operations. The incumbent will work closely with senior leadership, IT, and business teams to strengthen the organization's security posture and compliance with regulatory standards.
Key Responsibilities
- Develop, lead, and implement the company's enterprise-wide cybersecurity strategy and roadmap, aligned with business objectives and evolving threat landscapes.
- Act as the main advisor to senior management on all cybersecurity, data privacy, and risk management matters, ensuring alignment with local and global standards.
- Establish, maintain, and enforce security policies, procedures, and frameworks that comply with regulatory requirements.
- Oversee daily security operations including threat monitoring, incident detection, response, and recovery, ensuring minimal business disruption.
- Manage and optimize a range of security technologies, such as firewalls, EDR, DLP, IAM, PAM, and cloud security tools.
- Conduct regular risk assessments, vulnerability management, and third-party due diligence to identify and mitigate potential threats.
- Lead and coordinate internal and external audits, ensuring identified issues are promptly addressed and remediated.
- Design and test incident response, disaster recovery, and business continuity plans to ensure organizational readiness.
- Collaborate with IT, engineering, product, and business teams to embed security best practices throughout operations and development cycles.
- Mentor and develop cybersecurity team members while promoting a culture of continuous learning and security awareness across the organization.
- Deliver regular security awareness and training programs to employees to reinforce a security-first mindset.
- Communicate security updates, risks, and initiatives effectively to stakeholders, management, and external partners.
- Stay informed on emerging cybersecurity trends, technologies, and regulations, and drive continuous improvement through innovation and strategic initiatives.
- Manage cybersecurity budgets (CAPEX/OPEX) effectively to balance risk mitigation and cost efficiency.
- Thrive in a fast-paced environment, handling multiple priorities and adapting quickly to changing business needs.
Job Requirements
- Minimum 10 years of progressive experience in information security leadership roles.
- Proven track record managing enterprise security programs within Malaysia, with a solid grasp of the local regulatory landscape.
- Strong technical understanding of network, cloud, application, and data security, including incident response and vulnerability management.
- Hands-on experience with security technologies such as SIEM, EDR, firewalls, DLP, WAF, and cloud platforms.
- Deep knowledge of industry frameworks and standards (e.g., ISO 27001, NIST, COBIT, PCI-DSS).
- Recognized certifications such as CISSP, CISM, CISA, CRISC, or CCSP are highly preferred.
- Strong leadership, analytical thinking, and stakeholder management skills.
- Excellent communication and presentation abilities with the confidence to engage C-level executives.
- Experience in secure SDLC, DevSecOps, and cybersecurity budget management is an advantage.