Security Compliance Analyst / Manager
Kuala Lumpur, Malaysia
Full time
Hybrid
Compensation is not specified
Role
Security Engineer
Description
- As a Security Compliance Analyst/Manager, you will be responsible for overseeing security compliance activities as part of our ongoing journey. Your role will involve actively supporting various security compliance programs and certifications, addressing compliance gaps, providing recommendations, and assisting with remediation efforts. You will be tasked with offering technical guidance to ensure that all business units meet security compliance requirements, with a particular focus on driving automation initiatives to enhance efficiency.
Responsibilities
- Support security compliance programs such as ISO27001, ISO27701, PCI-DSS, SOC 2, and others
- Engage in internal security and privacy assessments, internal and external audits, compliance certifications, and risk management activities
- Furnish accurate responses to both internal and third-party inquiries regarding security compliance
- Conduct security compliance assessments, manage risk and control assessments, and oversee remediation actions to resolution
- Design necessary controls to align with global standards and local regulations
- Assess technical and organizational controls for effectiveness and compliance, overseeing remediation efforts as needed
- Identify opportunities to streamline control testing and audit readiness through scripting and compliance tools
- Lead the development and execution of automation solutions to enhance compliance monitoring, evidence collection, and reporting processes
Requirements
- Previous experience in information security compliance, security operations, technology risk management, or related consulting roles
- Hands-on experience in security control assessments, risk assessments, or security solution implementation is preferred
- Familiarity with standards such as ISO27001, ISO27701, SOC2, PCI DSS, cloud technologies, and data protection regulations is advantageous
- Possession of security-related certifications such as CISSP, CRISC, CISM, CISA, ISO27001 LA, CIPT, CIPP/E, or similar will be a plus
- At least 3-5 years of experience in a dynamic work environment; candidates with less experience may be considered for junior positions
- Proven track record in driving compliance initiatives and collaborating with auditors and external regulators
- Proficiency in compliance automation tools and techniques, such as GRC platforms, scripting, security orchestration, AI, MCP, AI Agent, and Agentic RAG
- Hands-on experience in implementing automated control testing or evidence gathering in cloud or hybrid environments
- Team player with a positive attitude and a dedication to personal growth and development
- Detail-oriented with strong analytical skills
- Excellent communication abilities to convey complex technical issues to non-technical stakeholders
- Prior experience in project management is desirable
Crypto.com
Website
Crypto.com
Company size
Not specified
Location
United States
Description
Not specified