# Security Lead

**Company:** [Two95 International Inc.](http://jobs.workable.com/companies/uBLbLticQ1T2pGzVbXvnAu.md)
**Location:** Kuala Lumpur, Malaysia
**Workplace:** on site
**Employment type:** Contract

[Apply for this job](http://jobs.workable.com/view/944e89b3-3e06-415c-b5d4-1ca85ae5c32e)

## Description

We are looking for an experienced Security Lead to drive end-to-end security governance and compliance for enterprise transformation programs involving SAP and non-SAP systems. The ideal candidate will be responsible for defining security strategies, managing access controls, ensuring compliance, and mitigating security risks across the organization.

## Requirements

• Define and manage the overall security strategy for the transformation program  
• Govern identity, access management, and authorization design across SAP and non-SAP applications  
• Ensure compliance with security standards, regulatory requirements, and audit controls  
• Conduct Segregation of Duties (SoD) analysis, risk assessments, and control implementation  
• Lead security reviews, approvals, and remediation activities  
• Coordinate security testing, user access provisioning, and cutover readiness activities  
• Act as the escalation point for security incidents, vulnerabilities, and risk management  
• Support post go-live security monitoring, stabilization, and compliance activities

### Requirements

• Bachelor’s Degree in Information Technology, Computer Science, Cyber Security, or related field  
• Strong experience in enterprise security governance and compliance management  
• Hands-on experience with SAP Security, access controls, and authorization concepts  
• Good understanding of Segregation of Duties (SoD), risk analysis, and audit processes  
• Experience managing security in large-scale transformation or ERP implementation projects  
• Knowledge of regulatory and compliance standards related to IT security  
• Strong stakeholder management, communication, and problem-solving skills  
• Ability to manage security incidents, remediation planning, and governance activities  
• Experience coordinating security testing and cutover activities is an added advantage