Share this Job


Date: 13-Jun-2019

Location: Kuala Lumpur, MY

Company: Celcom Axiata Berhad

Job Description


The Information Security Senior Solutions Architect is responsible for developing the wide specific Security Solution architecture and blueprint throughout Celcom.  The solutions specialists will provide SME knowledge in respect to the functionality of the solutions, design principle, dependencies, limitations, etc. This role also plays a vital part in the planning and design of Celcom’s fundamental infrastructure and processes to ensure security risks related to technology adoption are addressed and managed appropriately. 


Advice the Head of Information Security Architecture and Technology in the development of Celcom’s Information Security Solution Architecture 
Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
Provide complete and accurate Celcom Information Infrastructure security knowledge with emphasis on the technical integration capabilities and placement of specific Celcom Information Security products and / or technology with new and existing architecture, more specifically products and solutions within the core Telecom space
Provide an advice in relation to the convergence of networks and systems from a technical, product and process perspective
Lead and execute complex Celcom Information security projects inclusive preparation of RFI/ RFQ and RFP, evaluations, vendor engagements and utilize project management skills to achieve the goals
Provide Cross – Consultation with regards to product and non – product centric align with Celcom Information Infrastructure Security architecture design.
Identify information protection goals and objectives within the scope of a strategic master plan. Contribute to the overall Celcom Information security strategy and master plans.
Assessing the adequacy and coordinating the implementation of specific Celcom Information Security controls for new Celcom Information systems and services.
Participate in the design, development and implementation of appropriate Celcom Information Infrastructure security monitoring/ reporting, intrusion detection, incident response and escalation mechanisms and procedures. To ensure that the business users / areas are provided with the required security tools, information and support required to assess the effectiveness of their proactive measures in minimizing risks against internal and external threats
Provide the technical leadership in the development and support of security measures required to protect the Celcom Information Infrastructure and data.
Research industry standards and state – of – art technology developments to ensure security techniques and mechanisms in use remain current and are capable of supporting evolving business requirements. 



  • Bachelor degree holder (IT or related technical preferred) with Information Security knowledge
  • ISO 27001 Implementer / Lead Auditor
  • CISA / CISM/ CISSP (would be an advantage)
  • Good understanding of Information security related standards and best practices (these include ISO 27001, NIST, PDPA, PCI-DSS, Cybercrime act, CSA, IETF,TIA, ETSI etc.)
  • Good understanding of Cyber laws and Law enforcement requirements


  • At least 7-10 years working experience in IT Security and or related fields.
  • At least 7 years of Information Security Solutioning 




  1. Excellent communication skills – written and verbal – to deal with technical and non-technical users.
  2. Ability to communicate information security principles, policies, rationale and standards.
  3. Foster very strong technical skills with particular emphasis on Enterprise IT Security which includes but not limited to security attacks and prevention, protection concepts and technologies, and security governance.
  4. Close monitoring and maintenance of records to enable quick response to alerts, incidents, problems and changes.
  5. Good judgment demonstrated in situations where balancing conflicting demands and taking pragmatic decisions is important
  6. Good understanding of security assessment methods, tools and best practices (baselines, standards & etc.)
  7. Understanding of Telecommunication Company Infrastructure and applications (Billing platforms, online and customer facing platforms).
  8. Understanding of Information Security Principles
  9. Understanding of Information Security Risk Management processes
  10. Information Security standards and best practices (these include ISO 27001, NIST, PDPA, PCI-DSS, Cyber crime act, etc.)


Job Segment: Telecom, Telecommunications, Corporate Security, Cyber Security, Security, Technology