Summary
Overview
Work History
Education
Skills
Certification
Accomplishments
References
Timeline
Generic

Afizi Mohamed

Bandar Enstek

Summary

Dynamic cybersecurity leader with extensive experience at Malaysia Airports Holdings Berhad, specializing in security program implementation and vulnerability assessment. Proven track record in architecting enterprise-wide strategies and enhancing security posture through innovative solutions. Adept at fostering cross-functional collaboration and cultivating a security-aware culture, driving organizational resilience and compliance.

Overview

19
19
years of professional experience
1
1
Certification

Work History

Acting Senior Manager

Malaysia Airports Holdings Berhad
KLIA
04.2025 - Current
  • Architected and directed enterprise-wide cybersecurity strategy and technology roadmap for national aviation ecosystem.
  • Championed modernization of security architecture across Information Technology and Operational Technology domains.
  • Implemented SIEM, EDR, NDR, MDR, and Privileged Access Management for critical systems.
  • Established robust cybersecurity governance, risk, and compliance framework to ensure regulatory adherence.
  • Conducted comprehensive risk assessments of critical airport systems and maintained enterprise risk register.
  • Led threat intelligence, vulnerability management, and incident response strategies for enhanced security posture.
  • Orchestrated enterprise cybersecurity drills and simulations to validate organizational readiness.
  • Led cross-functional teams to develop strategic initiatives and enhance operational efficiency.
  • Cultivated security-aware culture through targeted training and awareness programs for all personnel levels.

Manager, Cybersecurity Management

Malaysia Airports Holdings Berhad
KLIA
03.2022 - Current
  • Provide strategic direction and technical requirements on all activities related to Endpoint Security, Vulnerability Assessment, Patch Management, Penetration Testing, Red Teaming, Security Operation Centre, Digital Forensics, Cyber Threat Intelligence, Cyber Drill/Table Top Exercise, Business Continuity Plan, Identity and Access Management, and Data Leakage Protection in support of MAHB's business objectives.
  • Defining IT security policies, and plans and establishing procedures and monitoring, detecting and reporting to management.
  • Lead the internal Computer Security Incident Response Team (CSIRT) on cybersecurity incidents.
  • Permanent members of the architecture review board and change control board, to review cyber security aspects of the application and system design.
  • Review architecture design of new application and infrastructure, and provides cybersecurity advisory for all MAHB IT projects (CCTV and ACAM, Transit Train System, Flight Information Display, Smart Meter Reading, Baggage Handling System).
  • Review recommendations provided by the Head of Sub-Units on related issues and grant approval on the recommendations based on the level of authority.
  • Keep abreast with the new development in the cyber security industry and advise the management accordingly for the management to make decisions or plans.
  • Perform duties with due diligence and professional care following professional standards and best practices.
  • To comply with MAHB's information security objectives and adhere to all relevant policies, procedures and guidelines.
  • Keep updated on knowledge and awareness of the latest security trends.
  • Leading information security breach investigation.
  • Conduct security research and intelligence gathering on emerging threats, exploits and cybersecurity technologies.

Sr Executive, Cybersecurity Incident Management

Malaysia Airports Holdings Berhad
Sepang
07.2014 - 02.2022
  • Created cybersecurity best practice communications to educate staff against known threats and potential vectors of attack.
  • Plan, design, execute and follow up on the internal vulnerability management program. Follow up and work with the respective unit to resolve the vulnerability.
  • Design, strategize and implement vulnerability assessment and penetration testing programs for enterprise wide. Follow up and work with the respective unit to resolve the vulnerability.
  • Strategize and plan a cybersecurity roadmap for MAHB.
  • Managed company-wide IPS, web application firewall, DNS, SIEM, and internal vulnerability assessment tools.
  • Evaluate new technology adoption such as endpoint detection and response (EDR), extended detection and response (XDR), information leakage prevention (DLP), VMware AVI and NSX, and database security for future proof readiness.
  • Recommend, review, and execute new cybersecurity solution for MAHB through tendering process.
  • Recommend improvements in security systems and procedures on existing and new system.
  • Reviewed violations of computer security procedures and developed mitigation plans.
  • Represented company's technical security interests to partners to provide bi-directional flow of technical information and best practices in information security.
  • Provided consultation and technical services on all aspects of information security in supporting digitalization project of MAHB such as Single Token, AIS3, Vehicle Tracking System, Airport Collaborative Decision Making, Azure IAAS, Office365 etc.
  • Coordinate internal and external vulnerability assessments and penetration testing and provided results and recommendations to senior management.
  • Validated and verified system security requirements definitions and analyzed system security designs.
  • Planned and oversaw configuration changes for security infrastructure platforms via internal process of change management.
  • Worked with business partners to balance requirements, security and risk reduction.
  • Liaised with third parties to respond to security events and understand threat landscape.
  • Maintaining IT Division IT Security Policy and standards pertaining to IT security and assurance.
  • Monitoring, detecting and reporting cyber security incident and alerts.
  • Act as operating unit's central point of contact for all incidents related to IT security, develop incident handling procedures, and report all incidents to responsible incident response capability.
  • Represent MAHB to participate with government agencies on national cyber security initiative.

IT Executive

Malaysia Airport Technologies Sdn Bhd
Sepang
04.2006 - 06.2014
  • Provide first level support on day-to-day system operation to all users in MAHB subsidiaries (namely APAC, ERAMAN, KLAH, MA Properties, MA Sepang, MA Technologies, MAAH, MAHB, MAMTS, MASB and UTW).
  • Ensure server maintenance for daily, weekly and monthly tasks done successfully, operation run smoothly and effective as stated in Standard Operating.
  • Designed proactive preventive maintenance schedules to prevent unnecessary downtime and hardware faults. Perform interval preventive maintenance and corrective maintenance.
  • Handle hardware and software for Lotus Notes System at KLIA and Corporate Office.
  • Attending average of 30 ticket daily in regards to email (Lotus Notes, Blackberry, Lotus Traveler) from all airports all over Malaysia.
  • Manage and responsible of Primary Domain Server, Backup Domain Server and File Server.
  • Manage and responsible for Blackberry Enterprise Server and Lotus Traveler Server.
  • Manage and responsible of Datacenter Intrusion Prevention System (IPS) for MAHB.
  • Manage and responsible of Datacenter virtual server environment.
  • Lead and responsible on monitoring of any email virus issues (mail firewall, virus log, update Anti Virus, etc).
  • Responsible on mail server setup, mail firewall setup, Network configuration at email system.
  • Responsible and perform backup task for Domino and File Server System and ensuring all backup tasks schedule is running. Lead team to conduct system test.
  • Responsible on designing, maintaining and performing required task to align Lotus Domino to comply with MAHB business continuity plan.
  • Involve project internally/externally on operation and maintenance task if required.
  • Procedure (SOP), effectively troubleshoot and diagnose cause of system failure.
  • Involve in user training to all users (APAC, ERAMAN, KLAH, MA Properties, MA Sepang, MA Technologies, MAAH, MAHB, MAMTS, MASB and UTW).
  • Provisioned new software and hardware for use according to internal business and security policies.
  • Provided second-level support for server-class systems.
  • Resolved problems, improved operations and provided exceptional service.

Education

Bachelor of Science - Computer Science (Software Engineering)

Universiti Putra Malaysia
Serdang, Selangor
07.2003

Skills

  • Security control design
  • Security program implementation
  • System architecture review
  • Patch management
  • Network security
  • Cloud services management

Certification

  • ISC2 Cybersecurity Certified, 2023, 769030
  • Global Ace Certified Incident Handling and Network Security Analyst (CIHNSA), 2024

Accomplishments

  • 04/2023, Lead the Cybersecurity and IT Risk Management team implementing Cybersecurity Acceleration Programme 2.0, to uplift the resiliency of cybersecurity of MAHB within 3 years consist of 7 technology adoption and 4 services. The project is expected to be completed by 04/2025.
  • 01/2019, Lead the Performance, Compliance and Security Assurance team to implement Cybersecurity Operation Centre (CSOC) via managed services model which comes under the umbrella of Cybersecurity Acceleration Programme 1.0. The introduction of CSOC enables MAHB to have a better visibility towards the threat detection and response, improved incident response capability and faster incident resolution up to 30% compared to the previous year.

References

  • Supervisor Reference, Puan Suzaliana Samuri, Senior Manager, Cybersecurity and IT Risk Management, IT Division, MAHB, suzaliana@malaysiaairports.com.my, 017-2275707
  • Peers Reference, Hibatul Hakimi Zainul Abidin, Assistant Vice President (AVP) IT and Cyber Security, Cagamas Berhad, hibatulhakimi7007@gmail.com, 013-3986393
  • Industry Reference, Mahmud Abdul Rahman, Managing Director, Netbyte Security Sdn Bhd, root@netbytesec.com, 012-3248744

Timeline

Acting Senior Manager

Malaysia Airports Holdings Berhad
04.2025 - Current

Manager, Cybersecurity Management

Malaysia Airports Holdings Berhad
03.2022 - Current

Sr Executive, Cybersecurity Incident Management

Malaysia Airports Holdings Berhad
07.2014 - 02.2022

IT Executive

Malaysia Airport Technologies Sdn Bhd
04.2006 - 06.2014

Bachelor of Science - Computer Science (Software Engineering)

Universiti Putra Malaysia

Similar Profiles

CREATE PROFILE
Afizi Mohamed