about the company
A homegrown e-commerce pioneer with a reliable platform that connects local businesses to global platforms. They have a rapidly-growing customer base of half a million shoppers and over 12,000 merchants. They have an excellent employee rewards program which shows great appreciation for both new and existing staff.
- Salary: RM 9,000 - 15,000
- Benefits: 15% EPF, Parking subsidy, Employee Loyalty Program
- Reports to: HOD
- Location: Kuala Lumpur
about the job
- Plan, organise and manage application-related security.
- Perform security assessments against existing applications and future developments.
- Establish secure coding practices.
- Collaborate with development teams to identify and fix security issues.
- Manage vulnerability check tools such as Static Code Analysis, Software Composition Analysis and Dynamic Code Analysis tools.
- Track and report new security threats and work with the development teams to develop a defence / mitigation plan.
- Contribute to the development of the organisation's security standards and policies.
- Assist in development of automated security testing to validate that secure coding best practices are being used.
- Assist applications teams in understanding and resolving vulnerabilities identified through automated scanning and penetration testing.
- Monitor and respond to security breaches/threats/vulnerabilities. Investigate and remediate security incidents.
- Advise and assist the development team on the Secure Software development life-cycle.
- Design, implement and configure database security architecture, software, and controls.
- Ensure auditability of the database.
- Provide a secure database baseline.
- Assist with audit activities.
- Coordinate application pen-testing with software engineers to fix the findings.
skills and experience required
- Experience with executing application layer penetration testing tools such as Static Code Analysis, Software Composition Analysis and Dynamic Code Analysis tools
- Experience with application security testing with tools and/or manually.
- Strong knowledge of web protocols, authentication mechanisms, cryptography, application security, cloud architecture and/or network infrastructure security.
- Experience writing and testing web applications and web services in the following programming languages: JavaScript & PHP.
- Familiarity with development tools including Visual Studio, JIRA, Git and Jenkins.
- Must be able to explain all vulnerabilities and weaknesses in the OWASP Top 10 & CWE 25 to any audience and discuss effective defensive techniques.
- Holding a security-related certification such as CEH, CASE, CASS or CISSP is a plus.
why you should apply
The exposure to advanced and emerging, the chance to work with energetic and security-focused individuals and the brand you represent make this opportunity an excellent choice for your next career move.
how to apply
If you are ready to take the next step in your career, kindly click on the appropriate link to apply. Alternatively, you may send your latest CV for a confidential chat.