AI-generated summary
beta
This job is a Senior Technical Security Specialist for the APAC region, focusing on making IT systems secure from the start. You might like this job because you'll collaborate with teams, assess risks, and help shape security policies while protecting vital data.
Undisclosed
Malaysia, Kuala Lumpur
Job Description
The purpose of this role is to ensure that IT systems and projects undergoing change are secure by design, build, and implementation. The ideal candidate will play a critical role in embedding security principles throughout the project lifecycle, ensuring compliance with organizational Global Information Security policies, industry standards, and regulatory requirements. This role requires a deep understanding of security architecture, risk management, and secure development practices, as well as the ability to collaborate with cross-functional teams to deliver secure IT solutions.
Key Responsibilities:
- Collaborate with project teams / squads to ensure security requirements are integrated into the planning and design phases of IT systems.
- Perform security reviews of technical designs, configurations, and implementations to identify and address cybersecurity risks.
- Conduct threat modeling and risk assessments to identify potential vulnerabilities and recommend mitigations.
- Ensure all IT changes and projects follow established security governance processes, including risk assessments and approvals.
- Collaborate with Change Advisory Boards (CAB) to ensure security considerations are addressed before changes are approved.
- Maintain documentation and knowledge base of security assessments, decisions, and actions taken during the project lifecycle.
- Act as the primary security advisor for IT projects, working closely with project managers, architects, developers, and other Global Information Security stakeholders.
- Contribute to the development and enhancement of security policies, standards, and guidelines.
Job Requirements
Qualifications
- Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
- 7+ years of experience in information security, with a focus on secure design, architecture, and implementation.
- Strong knowledge of security frameworks and standards (e.g., ISO 27001, NIST, PCI DSS, OWASP).
- Experience conducting threat modeling, risk assessments, and security reviews.
- Proficiency in secure development practices, including secure coding, encryption, and vulnerability management.
- Familiarity with IT change management processes and governance frameworks.
- Strong analytical and problem-solving skills, with the ability to assess complex technical environments.
- Excellent communication and interpersonal skills, with the ability to influence and collaborate with diverse stakeholders.
- Relevant certifications such as CISSP, CISM, CEH, or SABSA.
- Experience with cloud security (e.g., AWS, Azure, GCP) and DevSecOps practices.
- Experience working in Agile or DevOps environments.
Company Benefits
Professional career growth
Chubb makes substantial investments in its people so they have opportunities to grow professionally.
Chubb associate program
Get connected with the training, development, mentoring and experiences you’ll need to grow at our company!
Mobility
Employees are exposed to a variety of markets and ongoing opportunities to learn, network, progress and succeed.
Additional Info
Experience Level
0 - 10 Years of Experience
Company Profile
