Senior Executive - IT (Cybersecurity - Vulnerability & Threat Management)

Date: 24 Jun 2026

Location: Sepang, 10, MY, ITD-273

#job-location.job-location-inline { display: inline; }

Company: Malaysia Airports Holdings Berhad

Job Description

POSITION GENERAL SUMMARY

Implementing a range of security measures, including software and hardware solutions, to detect and prevent cyber threats from compromising the security and functionality of the platform.
The scope of responsibilities includes the yearly exercise of vulnerability assessment and penetration test (VAPT), administration, management, configuration, testing, and integration tasks related to the virtual patch management (VPM), internal vulnerability management system (IVAS), and other platform defense mechanisms adopted by MAHB in the future.

ESSENTIAL POSITION FUNCTIONS

Vulnerability Management Strategy

Developing, implementing and managing a comprehensive vulnerability management program for MAHB which includes identifies, assesses, prioritizes, and remediates vulnerabilities in applications, servers, networks, databases, cloud environments and others including IT/OT infrastructure based on risk and potential impact.
Provide vulnerability management program's performance and report on its effectiveness to stakeholders, such as the board of directors, senior management, and external auditors on status of vulnerabilities, risk levels and remediation program along with strategic-insights to inform decision-making.
Vendor & Outsourced VAPT Management

Define and monitor VAPT related deliverables in service contracts. Ensures SLAs, KPIs quality expectations are met
Manage vendors and service providers to evaluate and implement security solutions that enhance the organization’s vulnerability management capabilities.
Tool and Technology Management

Manage all processes, integration and technologies focusing on vunerability and virtual patch management together with threat intelligence platforms
Work closely with IT, DevOps, and development teams to ensure vulnerability management is integrated into the software development lifecycle (SDLC), cloud infrastructure management, and other operational processes.
Team Development & Collaboration

Manage and participate training programs and initiatives to raise awareness about vulnerability management, secure coding practices, and potential threats across the organization.
To perform duties with due diligence and professional care in accordance with professional standards and best practise
Threat Management Analysis
Research, collect, and analyze cyber threat intelligence from various internal and external sources (e.g., OSINT, commercial feeds, dark web, security vendors). Identify emerging threats, attack campaigns, and adversary tactics, techniques, and procedures (TTPs) relevant to the organization. Produce actionable intelligence reports
Key Challenges
Unable to understand about the technical impact and severity of vulnerabilities that could affected MAHB assets
Unable to comply with MAHB Security Policy and Procedures related to vulnerability management
Failed to play active roles in communicating and managing the vulnerability findings with stakeholders and third parties for remediation action
Unable to prioritize the vulnerability findings by ignoring the critical vulnerabilities that actually could lead to security breaches
Asset visibility were not comprehensively recorded, and it will allow the vulnerabilities to exist until the orphaned assets are compromised
Skills
Strong communication, crisis management, and cross-functional leadership skills.
Proficient in Bahasa Malaysia and English.
Good understanding of cloud security, including identifying and mitigating vulnerabilities in cloud environments such as AWS, Azure, or GCP
Education
Bachelor's Degree preferably with specialization in Information Technology, Computer Science, Cybersecurity or equivalent.
Relevant Industries
Degree with CGPA > 3.0 and minimum 3 years of cybersecurity and vulnerability management
Unique Requirements
Regulatory frameworks: Act 854, PDPA, NACSA CNII, CAAM AVSEC Cyber Guidelines
Threat modeling and Red/Blue/Purple team coordination
Additional Information

Open for Malaysian citizens only.

Please be reminded that only online applications will be entertained.

Applications should reach us by 1 July 2026.

Only the shortlisted candidate will be notified.

Job Segment: Testing, Cloud, Military Intelligence, Computer Science, Cyber Security, Technology, Government, Security