IT & Cyber Security Engineer

OUR COMPANY

Mediexpress (M) Sdn Bhd

Who We Are

At Mediexpress (M) Sdn Bhd, we're proud to be one of Malaysia's leaders in managed healthcare services and part of a global Japanese multinational group. We believe in making healthcare services simpler, smarter, and more effective and we know it takes great people to make that happen.

We are one of the leaders in managed healthcare services in Malaysia and a subsidiary of Japanese MNC.

Join our growing tech team

We're looking for a passionate and proactive IT & Cyber Security Engineer who's eager to grow and contribute to real-world application development. In this role, you'll support system architecture, enhance existing applications, and ensure secure, efficient data operations across platforms.

Key Responsibilities

To safeguard and strengthen the organisation's IT and digital assets through implementation of robust security controls, active cyber defense, proactive threat detection, monitoring, and response. The role integrates IT Security (infrastructure protection, access control, compliance) & Cybersecurity (threat monitoring, incident response, and user awareness) ensuring all systems, networks, and processes are designed, implemented, and maintained according to security best practices, regulatory standards (PDPA, BNM RMiT, and ISO 27001), and organizational policies.

Key Responsibilities

1. Infrastructure Security Operations & Protections

• Implement, manage & review enterprise security controls (firewalls/IDS/IPS, VPN, switch, storage, wifi, WAF/DDOS, endpoint protection, DLP, Gateway, etc.) and configurations complying to security baselines
• Monitor security systems and analyze security events(including email threats, EDR, etc), logs, and alerts from multiple sources to detect potential threats or breaches -
• Maintain and update firewall policies, VPN configurations, and network segmentation rules. -
• Coordinate incident response and support/conduct forensic investigation when security incidents occur with internal IT and external vendors

• Ensure patch management, OS hardening, and secure configuration of IT assets

• Vulnerability & Security Patch Management

• Conduct periodic vulnerability scans across servers, endpoints, and network devices

• Track patching status with Infrastructure & Application teams to close gaps within defined SLAs

• Conduct configuration reviews against CIS/NIST baselines for firewalls, Windows Server, Hyper-V, and database systems

• Network & System Security

• Securely configure and manage network devices (firewalls, switches, routers, WiFi controllers) and network segmentation (VLANs) ensuring proper inter VLANs ACLs

• Support secure setup of switches, Wi-Fi, and Endpoint protection solution as well as remote connectivity (IPSec VPN, SSL VPN, SD-WAN)
• Coordinate with system administrators on securing servers, VMs, backups, and BCP/DR setups

• Implement Zero Trust principles in network design and system access.

• Identity, Access, Data Protection & Compliance

• Manage user access provisioning and de-provisioning, role-based access controls (RBAC), privileged account management and review access logs periodically

• Support MFA and secure authentication setup for corporate and remote systems. -
• Implement & manage data protection controls such as encryption, DLP, and secure file transfer mechanisms. -
• Support compliance with PDPA, BNM RMiT, ISO/IEC 27001 standards
• Maintain documentations (on all configurations) for compliance (asset inventory, control mapping, audit review & evidence)

5. Monitoring, Reporting & Continuous Improvement

• Develop and maintain dashboards and periodic reports on security posture, incidents, and vulnerabilities for management review
• Participate in tabletop exercises and disaster recovery drills
• Support awareness training programs and provide input for phishing simulation or staff education, internal user security briefings

• Cotinuously evaluate new security technologies and recommend improvements

• Collaboration & Governance

• Work closely with IT Infrastructure, Application, and Compliance teams to ensure security by design -

• Support vendor due diligence and third-party security assessments
• Assist in drafting and reviewing IT Security Policies, SOPs, and Guidelines
• Participate in internal IT steering or risk management meetings when required

Competencies

1Technical & Functional competencies on listed key responsibilities

1. Ability to interpret and translate regulatory requirements into business action with strong understanding of security, personal data handling and privacy obligations

2. Ability to analyse, think critically, problem-solving and attention to details

3. Excellent written, verbal communication skillls for both technical and non-technical audiences, working effectively to collaborate across teams

4. Takes ownership, accountability, staying resilience with challenges encountered and upholding integrity in handling sensitive information

Requirements

1. Bachelor's Degree in Computer Science, Information Technology, Cybersecurity, Network Engineering or related field

2. Professional certifications or ongoing certification pursuits are advantageous (e.g., CompTIA Security+, ISO 27001 ISMS, etc)

3. 2-8+ years in System Administration, Network Operations, Information Security

4. Hands-on experience managing firewalls, VPNs, endpoint protection, and vulnerability management; supporting incident response or audits

5. Experience in a regulated IT environment (insurance, healthcare, finance) supporting regulatory audits (BNM RMiT, PDPA, ISO 27001, SOC 2, etc.) is preferred

6. Familiarity with hybrid cloud infrastructure (Data Centre + Cloud) or fully cloud is advantages

Soft Skills:

• Strong analytical and problem-solving mindset.
• Good communication and teamwork skills.
• Able to work independently under pressure and meet deadlines.

Why Join Us?

• Opportunity to grow in a collaborative tech environment.
• Work on impactful software used across multiple functions.
• Supportive team culture with continuous learning opportunities.

Job Types: Full-time, Permanent,

Working mode : ON SITE

APPLICATION ONLY FOR MALAYSIAN CITIZEN

Benefits:

• Dental insurance
• Flexible schedule
• Health insurance
• Maternity leave
• Opportunities for promotion
• Professional development

Work Location: In person

Job Types: Full-time, Permanent

Pay: Up to RM8,000.00 per month

Benefits:

• Flexible schedule
• Health insurance
• Opportunities for promotion
• Professional development
• Vision insurance

Work Location: In person