Cyber Security SME

Overview

rhi are supporting our client to find a ‘hands‑on’ Senior Cyber Security SME with strong experience with Salesforce for our global oil and gas client based in Kuala Lumpur.

We are seeking 'senior' candidates with a minimum of at least 8yrs +

Contract duration: 12 month - Possible for extension

Based – Bangsar South KL - WFH 60/40

Responsibilities

The role will provide subject matter expertise (SME) in cyber security for business applications operating on the Salesforce (Must) and ideally Microsoft Dynamics platform exposure.

The SME will support secure design, implementation, assurance, and ongoing operational oversight to ensure alignment with our clients Digital Security policies, control catalogue requirements, and relevant regulatory and industry standards.

Key Accountabilities

• Act as the cyber security SME for Salesforce and Microsoft Dynamics platforms across the business.
• Provide security architecture and design input to projects and changes involving CRM and low‑code/no‑code platforms.
• Perform security risk assessments, threat modelling, and assurance activities for applications built on Salesforce and Microsoft Dynamics.
• Ensure alignment with the clients Digital Security requirements, NIST CSF, ISO/IEC 27001, and our clients control catalogue controls.
• Advise on identity and access management, data protection, logging and monitoring, secure configuration, and integration security.
• Support third‑party risk assessments where Salesforce or Dynamics applications involve external vendors or managed services.
• Collaborate with Business Information Security Leads (BISLs), platform teams, Architecture, Privacy, Legal, and delivery teams.
• Support audit, assurance, and regulatory evidence responses where required.
• Provide guidance on secure use of platform-native capabilities (e.g. Salesforce Shield, Dynamics security roles, APIs, and integrations).
• Contribute to our clients cyber standards, patterns, and reusable security guidance for CRM platforms.

Skills

• Salesforce security architecture and control design
• Microsoft Dynamics 365 security model and configuration
• Identity and Access Management (Entra ID / Azure AD integration)
• SaaS security risk assessment and threat modelling
• Data protection and privacy (PII, GDPR considerations)
• API, integration, and third‑party security
• Secure cloud architecture (Azure-focused)
• Stakeholder engagement and security assurance within delivery teams

Qualifications

• Proven experience (8 years +) as a Cyber Security SME or Security Architect supporting enterprise SaaS platforms.
• Strong hands‑on security experience with Salesforce (Must) and Microsoft Dynamics 365 (Preferred)
• Demonstrated knowledge of cloud security, SaaS security controls, and secure application lifecycle practices.
• Experience working within regulated, large‑scale enterprise environments.
• Security certifications such as CISSP (Must Have), CISM, CCSP, or equivalent (desirable).
• Experience aligning security controls to NIST CSF and ISO/IEC 27001 (desirable).

Diversity Statement

We are an equal opportunity employer that recognises the value of a diverse workforce. All suitably qualified applicants will receive consideration for employment on the basis of objective criteria and without regard to the following (which is a non‑exhaustive list): race, colour, age, religion, gender, national origin, disability, sexual orientation, gender identity, protected veteran status, or other characteristics in accordance with the relevant governing laws.