Cybersecurity Consultant

About The Job

As a Cybersecurity Consultant at SUSS, you will play a key role in strengthening the university’s cybersecurity posture, ensuring compliance with international standards (ISO 27001, ISO 22301, Cyber Trust Mark, etc.), and safeguarding critical digital assets. You will work closely with IT Infrastructure, Applications, and Operations teams to design, implement, monitor, and maintain security solutions, while also supporting incident response and risk mitigation initiatives.

What You Will Be Doing

Key Responsibilities

• Security Operations & Monitoring
  • Support SOC operations with threat detection, analysis, and incident response.
  • Monitor security alerts from SIEM, EDR, and vulnerability management platforms (e.g., Tenable, CrowdStrike).
  • Investigate and respond to cybersecurity incidents in a timely manner.
• Vulnerability & Risk Management
  • Conduct regular vulnerability assessments, penetration testing coordination, and patch compliance checks.
  • Support Continuous Threat Exposure Management (CTEM) initiatives.
  • Maintain risk registers and follow up on mitigation actions.
• Security Engineering & Implementation
  • Deploy, configure, and maintain cybersecurity tools such as Privileged Access Management (PAM), firewalls, IDS/IPS, WAF, and endpoint security solutions.
  • Assist in secure system design, architecture reviews, and network segmentation projects.
  • Implement security controls aligned with MAS TRM, PDPA, and internal security policies.

• Compliance & Governance
• Support audits and certification exercises (ISO 27001, ISO 22301, CTM, DPTM).
• Develop and maintain IT security documentation, playbooks, and SOPs.
• Ensure security measures align with SUSS sustainability and Green IT initiatives.
• Awareness & Collaboration
• Provide security advisory to project teams, application developers, and business units.
• Support phishing simulation exercises and cybersecurity awareness training.
• Work with vendors and partners to evaluate and implement emerging security technologies.

Job Requirements

Qualifications & Experience

• Bachelor’s degree in Computer Science, Information Security, or related field.
• At least 3–5 years of hands-on cybersecurity or IT infrastructure experience.
• Industry certifications preferred (e.g., CISSP, CISM, CISA, CEH, OSCP, CCNP Security, Microsoft Security Engineer, Palo Alto, etc.).

Technical Skills

• Experience with security tools: SIEM, EDR/XDR, PAM, vulnerability scanners, firewalls, WAF, IDS/IPS.
• Familiarity with Microsoft 365 Security, Azure AD, and cloud security controls.
• Strong understanding of networking (TCP/IP, VPN, Wi-Fi security, DNS, firewalls).
• Knowledge of Linux/Windows hardening, Active Directory, and identity security.
• Good grasp of secure software development lifecycle (SSDLC) and DevSecOps concepts (advantageous).

Soft Skills

• Analytical and problem-solving mindset with attention to detail.
• Strong communication skills to engage stakeholders across technical and non-technical domains.
• Ability to work independently as well as in a collaborative team environment.
• Proactive, adaptable, and eager to learn new security technologies.