Security Architect job opportunity at VBP.

Home Jobs In Malaysia Tag: Job Security Architect position at VBP


Date2026-01-08T10:45:25.556Z bot
VBP Security Architect
Experience: 4-years
Pattern: full-time
Country:
apply Apply Now
Salary:
Status:

Job

Copy Link Report
degreeHigh School (S.S.C.E)
loacation Kuala Lumpur, Malaysia
loacation Kuala Lumpur....Malaysia

Job Title Security Architect – Governance, Risk, and Compliance & Platform Security Role Overview As a Security Architect , you will be responsible for defining and governing our enterprise security framework across a multi-cloud environment spanning GCP and Tencent Cloud . This role focuses on security architecture, regulatory compliance, proactive monitoring design, and audit readiness , rather than day-to-day cloud operations. You will guide engineering and infrastructure teams on what must be built and why , ensuring security controls align with ISO 27001 and regional regulatory requirements across China and South-East Asia . You will act as the bridge between compliance, security design, and engineering execution , ensuring security is embedded into platforms and applications by default. Key Responsibilities 1. Proactive Security Monitoring & Threat Governance (Top Priority) Define a centralized security monitoring and alerting architecture across GCP, Tencent Cloud, and Cloudflare. Specify log sources, retention policies, and alerting standards to ensure real-time visibility into security events. Design threat detection use cases and “tripwires” , such as: Unauthorized MongoDB data access or exports Brute-force or abuse patterns on Java/Spring Boot APIs Privileged access or IAM changes in Tencent Cloud Work with DevOps and SRE teams to ensure monitoring controls are implemented, tested, and continuously improved . 2. Security Architecture & Standards Define and document security architecture blueprints and policies for applications and platforms operating across multiple regions. Establish identity, access control, and network isolation standards , ensuring least-privilege and segregation of duties. Define data protection requirements , including encryption at rest and in transit, secure key management, and access auditing for MongoDB. Specify defense-in-depth requirements , including expectations for Cloudflare (WAF, Zero Trust, DDoS) and application-level security controls. Review solution designs and provide security sign-off for new initiatives and major changes. 3. Secure SDLC & Vulnerability Management Define security requirements for Secure SDLC , including SAST/DAST expectations within CI/CD pipelines. Establish vulnerability severity criteria and remediation SLAs aligned with risk and regulatory impact. Ensure application security standards address OWASP Top 10 risks for Java/Spring Boot services. Partner with engineering teams to ensure security findings are tracked, resolved, and verified. 4. ISO 27001 & Regulatory Compliance (Core Focus) Lead the technical interpretation and implementation of ISO 27001 controls , acting as the primary security architecture point of contact. Translate regulatory requirements into practical technical and monitoring controls . Maintain continuous audit readiness by defining automated evidence collection for: Access reviews Logging and monitoring Vulnerability scans Configuration compliance Support internal and external audits with clear, well-documented security evidence. 5. China & South-East Asia Regulatory Knowledge Provide security guidance aligned with China’s regulatory frameworks (e.g., MLPS 2.0, data localization requirements). Advise teams on South-East Asia regulatory considerations , such as: Singapore (PDPA) Malaysia (PDPA) Indonesia (PDP Law) Thailand (PDPA) Ensure cross-border data access and storage designs are reviewed for regulatory impact and compliance risk . Work with legal, compliance, and product teams to ensure security architecture supports regional expansion. Technical & Professional Requirements Experience 3–4 years of experience in Security Architecture, Security Engineering, GRC, or Cloud Security Governance roles. Application & Platform Security Strong understanding of Java/Spring Boot security concepts and OWASP Top 10 risks. Knowledge of MongoDB security controls , including RBAC, TLS, encryption, and audit logging. Monitoring & Security Tooling Experience designing or governing SIEM / log management solutions (e.g., ELK, Datadog, or cloud-native tools). Familiarity with Cloudflare security capabilities (WAF, Zero Trust, DDoS), from a design and governance perspective. Compliance & Regulation Working knowledge of ISO 27001 and how to translate controls into technical and operational requirements. Awareness of China and South-East Asia data protection and cybersecurity regulations and their impact on system design.

Other Ai Matches

Content Creator (Contract) Applicants are expected to have a solid experience in handling Job related tasks
Intern, Culture Applicants are expected to have a solid experience in handling Culture related tasks
Sales Development Representative Applicants are expected to have a solid experience in handling Job related tasks
Assistant Manager, Customs (KEK) Applicants are expected to have a solid experience in handling Customs (KEK) related tasks
Teleport Malaysia Internship Program 2026 Applicants are expected to have a solid experience in handling Job related tasks
Legal Manager (M&A) Applicants are expected to have a solid experience in handling Job related tasks
Assistant Manager, Interline Pricing Applicants are expected to have a solid experience in handling Interline Pricing related tasks
Manager, Air Partners (PH) Applicants are expected to have a solid experience in handling Air Partners (PH) related tasks
Intern, Customer Operations Applicants are expected to have a solid experience in handling Customer Operations related tasks
Full-Stack Mobile Developer Applicants are expected to have a solid experience in handling Job related tasks
Assistant Manager, Treasury Applicants are expected to have a solid experience in handling Treasury related tasks
Officer, Pricing Applicants are expected to have a solid experience in handling Pricing related tasks
Senior Executive, HR Operations Applicants are expected to have a solid experience in handling HR Operations related tasks
Assistant Manager, Logistic Solutions (E-Commerce) Applicants are expected to have a solid experience in handling Logistic Solutions (E-Commerce) related tasks
Product Intern - First, Mid, Custom and Mobile Applicants are expected to have a solid experience in handling Mid, Custom and Mobile related tasks
Executive, Finance (AR - Shared Service) Applicants are expected to have a solid experience in handling Finance (AR - Shared Service) related tasks
Senior Executive, Freighter Management (Operation) Applicants are expected to have a solid experience in handling Freighter Management (Operation) related tasks
Senior Executive, Legal Counsel I Applicants are expected to have a solid experience in handling Legal Counsel I related tasks
Senior Executive, Freighter Management (Operation) Applicants are expected to have a solid experience in handling Freighter Management (Operation) related tasks
Business Development Manager (Ecommerce) Applicants are expected to have a solid experience in handling Job related tasks
Executive, Fleet Applicants are expected to have a solid experience in handling Fleet related tasks
Software Engineer II Applicants are expected to have a solid experience in handling Job related tasks
Treasury Specialist (5 years experience) Applicants are expected to have a solid experience in handling Job related tasks