Junior Information Security Analyst - Kuala Lumpur, Malaysia

Business Unit: Technology

Location: Kuala Lumpur

Contract Type: Permanent/Full Time

Junior Information Security Analyst - Kuala Lumpur, Malaysia

A bit about us…

We live in an increasingly virtual world. The data that we share every day reflects our identities. And that data offers a huge opportunity to businesses who understand it. But it’s a balancing act; identity is a deeply personal matter, so those businesses need to treat their customers as individuals and not just business opportunities. And that’s where we, at GBG, come in. We believe that everyone should be able to conduct business safely and efficiently, everywhere – and we do that by using identity data intelligently.

At GBG, we're building a culture of engagement that’s built on us being clear about desired outcomes, then giving our people the support and flexibility needed to deliver those outcomes. We have ambitious aspirations though and so with this comes accountability, but also recognition for results.


The InfoSec Team…

Are accountable for GBG’s information security management system, security compliance, security awareness and training, security operations, product and architecture security, and information security risk management.

The Role

Junior Information Security Analyst is a key member of the Information Security Risk and Governance team responsible for the support of GBG’s group wide ISMS and activities.

What you’ll do

• Support the delivery of the GBG cyber strategy, services, capabilities and group CISO across GBG.
• Assist the implementation of GBG Information Security services as part of the CISO function.
• Work as directed by the Information Security Governance and Risk Manager to influence and support the continual improvement of GBG’s global ISMS.
• Work as part of GBG’s Information Security Risk and Governance team across a number of security improvement work streams, which support various business units and geographic regions.
• Coordinate and manage third party supplier security review process, scheduling and conducting reviews and audits, and associated risk management activities.
• Support the development of security procedures, processes in order to support service-level agreements (SLAs) to ensure that security services are managed and maintained.
• Works with information security leadership & IT teams to develop plans to enforce security requirements and address identified risks
• Manages relationship with GBG internal and external auditors

How you’ll deliver it

• These will be determined by you, in collaboration with your manager, and you’ll update them regularly to keep your contribution relevant as we evolve. You’ll do this via your Personal VOS.

To help you be successful, we’re looking for…

This role may require travel and working from multiple sites / locations. Willing and able to travel to participate in meetings, workshops, and other related activities.

• A willingness to learn and develop, with the ability to manage expectations appropriately, building long-term relationships.
• Strong ICT skills including familiarity with Microsoft Office365 product suite.
• Excellent communication skills and ability to interact with wider audience stakeholders across the globe.
• Open and honest communication, and ability to support team members within the Information Security team.
• Strong organisational skills and good attention to detail.
• Ability to prioritise work tasks in order to achieve objectives, hit milestones and complete project work within expectations.
• A good understanding of Information Technologies, including a focus on information security and cyber security.
• Ambition to stay up-to-date on IT security trends and security standards, and to develop skills and knowledge accordingly.
• An understanding of risk management methodologies.
• Exposure and familiarity to common information security management frameworks, such as ISO27001/2, ITIL, COBIT, PCI-DSS and, National Institute of Standards and Technology (NIST).
• Strong analytical skills to understand and interpret information security requirements and relate them to appropriate security controls.
• Experience to External & Internal RFP’s
• Exposure to audits from external sources, i.e. client requests, official bodies such as BSI, regulators


What’s in it for you?

We have a vision to have the best and most engaged team members in the industry. People matter at GBG, they make us who we are. Every team member across all our locations makes a difference and everyone has something to contribute.

Next steps

If you’re interested, please apply or if you’d like to hear more about the role and benefits then contact kevin.ackerman@gbgplc.com. We’re looking to hire the best and most engaged people into our business and we’ll make an offer once we’ve found that person.

Apply now