IT Infrastructure & Service Compliance Executive - Batu Pahat

The role supports the organization's strategic objectives by strengthening operational controls, optimizing ITSM maturity, and ensuring the integrity, efficiency, and security of IT services. A major initiative under this role is to lead the company’s certification journey for ISO 20000 and ISO 27001 within 12 months.

Key Responsibilities

Infrastructure and ITSM Governance Audit Responsibilities

Conduct in-depth audits of compute, network, and storage environments for compliance with internal standards, ITIL best practices, and industry regulations.

Lead process governance assessments across all ITSM domains, including Incident,Problem, Change and Service Continuity Management.

Audit the completeness, consistency, and currency of IT infrastructure and ITSM policy/process documentation.

Evaluate alignment with governance frameworks such as COBIT and ISO 38500.

Validate that roles, responsibilities, and ownership structures are defined and enforced within ITSM and infrastructure operations.

Ensure continuous quality assurance by monitoring adherence to SLA/SLO targets, availability, and risk controls.

Assess and report on infrastructure and service management controls contributing to ISO 20000 and ISO 27001 readiness, and manage the projects toward certification within 12 months.

Prepare integrated audit reports combining technical and process findings, with clear remediation actions and ownership.

Collaborate with engineering and service delivery teams to improve configuration standardization and automation.

Contribute to the development of dashboards or tools for ongoing ITSM and infrastructure governance monitoring

Compute Infrastructure Governance

Evaluate server platforms (Windows, Linux, on-premise, cloud-based) for patching, security hardening, access control, and DR readiness.

Review virtualization/containerization technologies (e.g., VMware, Kubernetes) for policy enforcement and security posture.

Storage Infrastructure Governance

Assess the design and operation of SAN, NAS, and cloud storage for encryption, access control, and backup policy compliance.

Audit capacity planning, data retention, replication, and disaster recovery controls.

Evaluate storage access monitoring and audit logging.

Network Infrastructure Governance

Audit the design, segmentation, and controls of WAN, LAN, VPN, firewall, and SD-WAN configurations.

Assess compliance with network zoning, ACLs, firewall rules, and encryption policies.

Review network monitoring, logging, and event correlation capabilities.

ITSM Governance and Quality Assurance

Ensure Incident, Problem, Change, and Request Fulfillment processes are well-documented, automated where possible, and integrated with the CMDB.

Evaluate ITSM tool configuration and workflow automation compliance with ITIL standards.

Assess the execution and governance of ITIL CSI cycles and CAB effectiveness.

Requirements:

Experience & Technical Skills

5+ years of experience in IT infrastructure auditing.

CISA, ITIL 4 Managing Professional, ISO/IEC 27001 Lead Auditor, and/or ISO/IEC 20000 Consultant certifications preferred.

Understanding of enterprise infrastructure technologies (compute, network, storage) across on-premises, cloud, and hybrid environments.

Familiarity with ITIL-based service operations, service design, and continual improvement.

Experience implementing or preparing for ISO 27001 and ISO 20000 certification.

Interpersonal Skills

Excellent written and verbal communication in English for audit reporting, presentations, and policy documentation.

Strong analytical mindset with attention to detail and process orientation.

Proven ability to manage cross-functional audit engagements and certification projects.

Working Conditions

Hybrid/remote flexibility depending on company policy.

Occasional on-site assessments or audits may be required.

Experience Required: Min 5 Year/s