Information Security Consultant

Kuala Lumpur, Malaysia

Turner & Townsend

A global consultancy business serving clients in the real estate, infrastructure and natural resources sectors.

View company page

Company Description

Who is Turner & Townsend?

All over the world people are using buildings, infrastructure, and assets we helped to deliver. It could be the hospital they work in, the railway they travel on every day, the fuel that powers their car or the data centre they depend on at work. For more than 75 years we’ve been helping to deliver transformational programmes across the real estate, infrastructure and natural resources sectors, making a difference to people’s lives and ensuring a return on investment for our clients and their investors.

Our purpose:

Transforming performance for a green, inclusive, and productive world.

The world is changing and we have a responsibility to support that change, helping drive it and be part of it. Through the commitment, capability and care our team brings, we build trust between clients, suppliers, governments and society. Delivering better outcomes that have a positive impact on the world around us. We work smarter to face the challenges of the future; bringing the clarity that helps teams realise their full potential across the real estate, infrastructure and natural resources sectors. It’s how we’ve made the difference for more than 75 years.

Our values:

Love a challenge: We love a challenge and we work hard to make change happen and see things through. We don’t stand still, challenging ourselves and others to do better every day. And we are trusted to do the right thing, raising standards all the time.

Stronger together: We’re stronger together by connecting people in diverse teams, so that we can all collaborate to deliver our best work. We focus on what matters and use our influence to build a better world for everyone.

Bring out the best in everyone: We bring out the best in everyone. We help each other to make the most of our potential, always learning from our experience. We treat each other with care and respect and make time to give everyone a voice.

Job Description

Overall Requirement

  • We are is looking to recruit an Information Security Consultant to join our existing Information Security team.
  • Working with the Information Security team to provide advice and guidance on IT security and further develop IT policies and processes across a multi-region infrastructure consisting of 8300+ staff and 100+ sites.
  • As a member of the IT Security team, you will review all aspects of the IT environment and its components. This role shall be responsible for supporting and maintaining enterprise-wide solutions.
  • The successful candidate will be required to proactively improve and provide advice and guidance on information security matters.
  • We believe this is an excellent opportunity for candidates who have a strong understanding of IT infrastructure and/or information security within a fast-paced environment.
  • SOX control responsibilities may be part of this role, which are to be adhered to where applicable.

Key Duties and Responsibilities

  • Assist with security incident management and response activities
  • General day-to-day support on managing and responding to security alerts from systems and end users
  • Perform daily, weekly, and monthly security checks, reconciliation and compliance checks and investigate exceptions
  • Completing client security requirement questionnaires and support the bidding process Identify and raise awareness of security risks
  • Develop and enhance security policies, processes, procedures, and technical controls to strengthen Turner & Townsend’s security capabilities and resilience to cyber threats
  • Take a proactive role in identifying security risks, mitigations, and opportunities to strengthen Turner & Townsend’s resilience to cyber-attacks and security incidents
  • Participate in the design and implementation of systems and applications
  • Develop user and technical training guides
  • Maintain and manage the IT Risk register
  • Test DR plans and capabilities to ensure they work as designed, identifying gaps and lessons learnt and work with the business to drive continual development and enhancement


Technical Requirements

  • Two years hands-on experience of security and/or infrastructure within an enterprise environment
  • Exposure to enterprise information security standards including Cyber Essentials, ISO 27001, 27002 etc. Data Protection Act and the General Data Protection Regulation
  • Microsoft O365 Security solutions; Networking; Security operations; Vulnerability Management; Security Auditing
  • Good understanding of security testing principles, including experience of vulnerability scanning, identifying, resolving, and reporting risks
  • Experience of formal document creation, such as the creation of reports or procedures

Detailed knowledge of:

  • Microsoft O365 environment
  • Threat Intelligence analysis and best practice
  • Security Incident Response processes, procedures, and best practices
  • Disaster Recovery and Business Continuity principles
  • Event and log analysis

Core Behavioral Skills:

  • Confident individual with the good interpersonal skills, able to deal with people at all levels and communicate to users in a clear, non-technical language
  • Team-player
  • Analytically minded, able to break down and understand information
  • Must be comfortable with working in a fast-moving, dynamic environment
  • Strongly customer-focused, used to providing support to demanding users
  • Good organizational skills, used to managing and prioritizing own workload
  • Ability to report on progress, timescales, outstanding and completed activities


Additional Information

Our inspired people share our vision and mission. We provide a great place to work, where each person has the opportunity and voice to affect change.

We want our people to succeed both in work and life. To support this we promote a healthy, productive and flexible working environment that respects work-life balance. 

Turner & Townsend is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees and actively encourage applications from all sectors of the community.

Please find out more about us at

Join our social media conversations for more information about Turner & Townsend and our exciting future projects: 




It is strictly against Turner & Townsend policy for candidates to pay any fee in relation to our recruitment process. No recruitment agency working with Turner & Townsend will ask candidates to pay a fee at any time. 

Any unsolicited resumes/CVs submitted through our website or to Turner & Townsend personal e-mail accounts, are considered property of Turner & Townsend and are not subject to payment of agency fees. In order to be an authorised Recruitment Agency/Search Firm for Turner & Townsend, there must be a formal written agreement in place and the agency must be invited, by the Recruitment Team, to submit candidates for review. 

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Audits Compliance Incident response ISO 27001 IT infrastructure Log analysis Threat intelligence Vulnerability management

Perks/benefits: Career development Flex hours

Region: Asia/Pacific
Country: Malaysia
Job stats:  8  3  0
Category: Consulting Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.