Executive Officer, GT-TSS, Privilege Access Management MY at CIMB Group Malaysia

Kuala Lumpur, Kuala Lumpur, Malaysia -

Full Time

Start Date

Immediate

Expiry Date

04 Jun, 26

Salary

0.0

Posted On

06 Mar, 26

Experience

0 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Privileged Identity Lifecycle Management, Server Onboarding, Application Onboarding, Password Vaulting, Secrets Management, Incident Response, Audit Support, Windows, Linux, AS400, Mainframe Security, Active Directory, LDAP, AWS, Azure, RBAC

Industry

Banking

Description

Job Purpose * CSA-PAM team (Privilege Access Management) play a critical role as the custodian of Privileged IDs for CIMB applications, servers, databases, infrastructure components and cloud services. The role involves managing privileged identities, onboarding systems, supporting password lifecycle management, and assisting with audit and compliance activities. This role provides exposure to enterprise security controls, cloud privileged access, and secrets management. Job Description * Privileged Identity Lifecycle Management • Create, modify, and delete privileged IDs in accordance with SOP • Perform PID handover validation • Support periodic access review Server & Application Onboarding • Onboard servers, applications, and network devices into PAM • Configure access policies and credential management settings • Support onboarding of cloud and SaaS resources (where applicable) Password & Credential Management • Manage password vaulting and rotation • Perform manual password updates for non-automatable systems • Support secrets lifecycle activities (where applicable) Operational Support • Respond to access-related incidents and user queries • Support after-office hours or maintenance window activities when required • Escalate issues appropriately based on risk and impact Audit & Compliance Support • Prepare audit evidence and reports • Support remediation activities arising from audit findings Job Specification * Qualifications (Basic Degree/Diploma etc) Bachelor’s Degree in Computer Science / Information Technology or equivalent. Professional Qualification and/or Regulatory, Licensing requirements • Security industry certifications such as CISSP, CISM or CEH would be added advantage. Relevant Work Experience • Minimum 1–2 years of experience in IT operations, infrastructure, or security. • Fresh graduates with strong technical foundation may be considered. Key Dimension of Impact * Non-Financial Impact • Supports PAM operations covering approximately 4,800+ enterprise resources, forecasted to grow to 9,000+ by 2027. • Manages and supports over 38,000 privileged IDs, projected to exceed 80,000 by 2027. • Handles approximately 180–200 privileged access-related requests per month. • Processes ~70 privileged ID lifecycle management requests per month. • Supports onboarding of new systems and applications into the enterprise PAM platform (average 11 requests per month) • Contributes to audit readiness and supports multiple audit engagements annually. Financial Impact • No direct budget ownership. • Indirectly supports protection of enterprise systems critical to business operations through effective privileged access controls. Required Competencies and Skills * Competencies/Skills (Essential to succeed in this job) Technical/Functional skills • Understanding of Windows/Linux user account management • Knowledge on AS400 and Mainframe security would be a plus • Basic knowledge of Active Directory / LDAP • Familiarity with cloud platforms (AWS, Azure, etc) is an advantage • Understanding of access control concepts (RBAC, least privilege) • Excellent communication skills, both oral and written • Knowledge of security best practices and concepts • Strong knowledge and vast experience in certain technology may be substituted for above skills Personal skills (Soft Competencies [Core/Leadership]) • Able to handle sensitive information responsibly • Good communication skills for cross-team coordination • Willingness to learn and grow in cybersecurity domain • Highly result oriented and can work independently • Proactive rather than reactive • Team player with good interpersonal skills • Ability to work under pressure to tight timelines • Good analytical, technical, written and communication skills

Responsibilities

This role is responsible for managing privileged identities, including creating, modifying, and deleting IDs, supporting password lifecycle management, and onboarding various enterprise systems and cloud services into the Privilege Access Management (PAM) system. The officer will also provide operational support for access-related incidents and assist with audit and compliance activities.