Senior Cyber Security SME – Salesforce & Microsoft Dynamics Platforms (Contract)

Senior Cyber Security SME – Salesforce & Microsoft Dynamics Platforms

Type: Contract – 1 Year (Possible extension)

Location: Kuala Lumpur, Malaysia

Role Overview

The role will provide subject matter expertise (SME) in cyber security for our client’s business applications operating on the Salesforce and Microsoft Dynamics platforms. The SME will support secure design, implementation, assurance, and ongoing operational oversight to ensure alignment with our client’s Digital Security policies, control catalogue requirements, and relevant regulatory and industry standards.

Key Responsibilities

• Act as the cyber security SME for Salesforce and Microsoft Dynamics platforms across our client.
• Provide security architecture and design input to projects and changes involving CRM and low code/no code platforms.
• Perform security risk assessments, threat modelling, and assurance activities for applications built on Salesforce and Microsoft Dynamics.
• Ensure alignment with our client’s Digital Security requirements, NIST CSF, ISO/IEC 27001, and our client’s control catalogue controls.
• Advise on identity and access management, data protection, logging and monitoring, secure configuration, and integration security.
• Support third party risk assessments where Salesforce or Dynamics applications involve external vendors or managed services.
• Collaborate with Business Information Security Leads (BISLs), platform teams, Architecture, Privacy, Legal, and delivery teams.
• Support audit, assurance, and regulatory evidence responses where required.
• Provide guidance on secure use of platform-native capabilities (e.g. Salesforce Shield, Dynamics security roles, APIs, and integrations).
• Contribute to our client’s cyber standards, patterns, and reusable security guidance for CRM platforms.

Key Requirements

• 10 Years in Cybersecurity or related disciplines
• Proven experience as a Cyber Security SME or Security Architect supporting enterprise SaaS platforms.
• Strong hands-on security experience with Salesforce and Microsoft Dynamics (365).
• Demonstrated knowledge of cloud security, SaaS security controls, and secure application lifecycle practices.
• Experience working within regulated, large-scale enterprise environments.
• Security certifications such as CISSP (mandatory), CISM, CCSP, or equivalent (desirable).
• Experience aligning security controls to NIST CSF and ISO/IEC 27001 (desirable).Core Skills
• Salesforce security architecture and control design
• Microsoft Dynamics 365 security model and configuration
• Identity and Access Management (Entra ID / Azure AD integration)
• SaaS security risk assessment and threat modelling
• Data protection and privacy (PII, GDPR considerations)
• API, integration, and third‑party security
• Secure cloud architecture (Azure-focused)
• Stakeholder engagement and security assurance within delivery teams
• Ability to converse in BM & English effectively