- Conduct security assessments of applications to identify vulnerabilities, weaknesses, and potential threats.
- Collaborate with development teams to remediate and mitigate security issues.
- Utilize source code compliance tools, such as Veracode, SonarQube, and others, to analyze application code for security vulnerabilities.
- Provide guidance and recommendations for secure coding practices to development teams.
- Perform initial forensic analysis of security incidents and breaches to gather evidence, determine the extent of the incident, and support incident response efforts.
- Maintain encryption and key management solutions to protect sensitive data.
- Ensure the implementation of cryptography standards and key rotation practices.
- Maintain the Key management system, including key generation, storage, and distribution
- Monitor and manage cryptographic keys for secure communication and data protection.
- Maintain the API inventory and conduct periodic asset reviews.
- Manage asset life-cycles, including timely decommissioning.
- Promote security awareness among development teams and foster a culture of secure coding practices.
- Provide training and resources to improve application security.
- Develop and maintain secure coding guidelines and best practices for application development.
- Collaborate with development teams to integrate security principles into the software development life cycle.
- Work closely with developers to remediate identified vulnerabilities in applications.
- Provide guidance and recommendations for secure coding practices.
- Track and manage application vulnerabilities.
- Ensure vulnerabilities are reported, assessed, and addressed in a timely manner.
- Implement and manage security tools and technologies to enhance application security.
- Configure, monitor, and optimize security solutions for application protection
- Stay updated on the latest security tools, technologies, and trends related to application security.
- Evaluate and implement new security tools as needed.
- Assist in the response and investigation of security incidents related to applications.
- Work to mitigate the impact of incidents and prevent future occurrences.
- Collaborate with cross-functional teams to ensure security measures are integrated into the application development lifecycle.
- Maintain records of application security assessments, vulnerabilities, and remediation efforts.
- Generate reports for management and stakeholders.
-
IT Security Engineer- Cyber security
3 days ago
Optimum Solutions (Singapore) Pte Ltd Kuala Lumpur, Malaysia Part timeRole: IT Security Engineer · Role Type: Initial 12 months and Extendable Contract through Optimum Infosolutions – KL, Malaysia · Job Location: Menara Southpoint, Kualalumpur, Malaysia · Job Description (JD) · Deliverables: · • Security Engineer is responsible for assisting i ...
-
Security Engineer
3 days ago
Capgemini Singapore Pte Ltd Kuala Lumpur, Malaysia Full timeResponsibilities: · Vulnerability and incident analysis: intrusion detection & prevention, attack pattern analysis and remediation options, network security and encryption · Problem management: root cause analysis across security incident, malware infection and breach cross dom ...
-
IT System Security Engineer
3 days ago
BTC Recruitment Malaysia - Executive Search Recruitment Agency Malaysia, Kuala Lumpur Full timeOpen Position: IT System Security Engineer (MNC Organisation) · An MNC Organisation is currently looking for IT System Security Engineer to join the team and based at the Kuala Lumpur office. · Key responsibilities includes: · Strong knowledge and experience in implementing Netwo ...
-
Network Security Engineer
2 weeks ago
Appvalley Technology Malaysia, Kuala Lumpur Full timeJob Title: Network Engineer · Job Overview: · We are seeking a skilled and experienced network engineer and a detail-oriented security engineer to join our team in a dynamic and challenging environment. The ideal candidate will have expertise in network infrastructure, with a foc ...
-
Cyber Security Engineer
3 days ago
Kenanga Group Malaysia, Kuala Lumpur Full timeJOB SUMMARY · We are looking for a Cybersecurity Engineer to join our security team and help us protect our systems, networks, and data from cyber threats. You will be responsible for planning, implementing, and maintaining cybersecurity solutions, such as firewalls, antivirus, ...
-
Cyber Security Engineer
2 weeks ago
Guardian365 SDN. Malaysia, Kuala Lumpur Full timeCompany Description · Guardian365 SDN.BHD. is a leading cyber security provider based in WP. Kuala Lumpur. We offer cutting-edge cyber security solutions to safeguard your online assets and provide 24/7 protection from evolving cyber threats. Our comprehensive services are tailor ...
-
Network Security Engineer
2 weeks ago
Ekco NL Malaysia, Kuala Lumpur Full time????Ekco is on a journey to becoming a leading force in the Global tech landscape We accelerate our customers digital ambitions security and intelligently through our focus on People Excellence, Customer Closeness, Speed of Execution, and Innovation & Thought leadership. · ???? W ...
-
Senior Security Engineer
3 days ago
Jobs via eFinancialCareers Malaysia, Kuala Lumpur Full timeJob Description · Are you passionate about protecting digital assets and ensuring the integrity of security systems Our client, a global leader in financial services, is looking for a skilled Senior Security Engineer to join their dynamic team You will be responsible for, Playing ...
-
Security Solutions Engineer
3 days ago
Bank Negara Malaysia Kuala Lumpur, Malaysia Full timeJob Title : Security Solution EngineerROLE PURPOSE :Plan, design, manage and technical execution / delivery of the Bank's IT security solutions. Ensure · effectiveness of the controls in the IT infrastructure and systems to safeguard the Bank's IT · environment from internal an ...
-
Network security engineer
2 days ago
Mvc Resources Kuala Lumpur, Malaysia Full timeDUTIES AND RESPONSIBILITIES | About the role Maintains customer satisfaction that meets company's standards. Meets project implementation targets for timeliness, customer success metrics and customer adoption. Completes required certification, training and development objectives ...
-
Information Security Engineer
3 days ago
Yulon Capital Sdn Bhd Malaysia, Kuala Lumpur Full timeObjectives of this role · Monitoring and troubleshooting Server and internal network. · Install computer systems on time in-order to meet requirement. · Setup and maintain Office peripheral equipment · Assist on training and onboarding processes. · Ensuring network security pol ...
-
OT Security Engineer
3 days ago
Averis Malaysia, Kuala Lumpur Full timeHello, we are Averis · We are a Global Business Services (GBS) that look into consolidating services and standardization of transactional practices, helping MNC / large enterprises achieve better economies of scale by mean of improving productivity and reducing costs. · Our journ ...
-
Cloud Security Engineer
3 days ago
Logicalis Asia Malaysia, Kuala Lumpur Full timeWhy choose Logicalis · As Architects of Change, Logicalis' focus is to design, support and execute clients' digital transformation by uniting their vision with their technology expertise and industry insights. The company, through its deep understanding of key IT industry drivers ...
-
Network Security Engineer
2 weeks ago
FIRMUS Malaysia, Kuala Lumpur Full timeCompany Description · FIRMUS, established in 2008, is a leading provider of Cyber Security services and solutions. We are certified to ISO/IEC 27001:2022 and are CREST accredited for penetration testing services. Our mission is to build a secure business environment for our clien ...
-
Network Security Engineer
1 week ago
Randstad Malaysia Kuala Lumpur, Malaysia Full timeabout the company · you will be working with a top IT solutions provider with more than 20 years of success. with their strong values, they are determined to provide the best solutions for their wide range of respectable clients. · about the job · you will be responsible with pro ...
-
Senior IT Security Operations Engineer
2 weeks ago
Ssquad Global Malaysia, Kuala Lumpur Full timeJob Title: Senior IT Security Engineer · Job Summary: · The Senior IT Security Engineer specializing in cloud security plays a pivotal role in safeguarding our digital infrastructure. This role involves designing and implementing robust security measures for our cloud environme ...
-
Senior Cloud Security Engineer
2 weeks ago
AEON Bank Malaysia, Kuala Lumpur Full timeJob Description: · 1. Security control and implementation · Design and build resilient cloud based infrastructure that are protected against security threats, including access management, network segmentation, systems, services and applications · Experience using CI/CD pipeline ...
-
Lead, Network Security Engineer
3 days ago
CIMB Malaysia, Kuala Lumpur Full timeKey Responsibilities · Develop and document reference on Network Security solutions and associated standards to be used as a basis for technology selection and implementation. · Participate in the selection of hardware and software, products, design and participate in the planni ...
-
Internship-Cloud/Security Engineer MJ000052
3 days ago
Sangfor Technologies Malaysia, Kuala Lumpur Full timeKey Responsibilities: · Provide expert technical assistance to customers, partners, and internal teams via phone, email, and other communication channels. · Conduct detailed analysis and troubleshooting of technical issues related to Sangfor products, ensuring effective resolut ...
-
Network Security Specialist
1 week ago
Avows Technologies Sdn Bhd Kuala Lumpur, MalaysiaMinimum 4 to 5 years of experience in working with network security related projects · - In-depth knowledge of network security (Firewall, IPS, VPN, DLP, Proxy, WAF) in enterprise and cloud environment. · - Hands on experience in security systems, including firewalls, intrusion d ...
Application Security Engineer - Malaysia, Kuala Lumpur - Boost
Description
Boost, the digital services arm of Axiata Group Berhad, is at the forefront of digital transformation, operating brands that specialize in digital payments, digital financing, and platforms. With a focus on driving innovation and fostering synergies within the digital ecosystem, Boost plays a pivotal role in empowering businesses and consumers to embrace the boundless opportunities of the digital era. Through strategic collaborations with industry partners, including technology providers, Boost continuously strives to deliver cutting-edge solutions and revolutionize the way businesses operate in the digital landscape.
Role Overview:
We are looking for a talented and dedicated Application Security Specialist to join our security operation team. The specialist will be responsible for ensuring the security of our applications, identifying vulnerabilities, and implementing robust security measures to protect our digital assets.
Job Description
Application Security Assessment:
Source Code Compliance:
Forensic Analysis (Initial):
Encryption and Key Management:
Key Management System Maintenance:
Asset Management:
Security Awareness:
Secure Coding Guidelines:
Vulnerability Management:
Security Tool Management:
Incident Response:
Collaboration:
Documentation and Reporting:
The right individual will have the following key success capabilities and qualities;
• Bachelor's degree in computer science, information security, or a related field.
• A minimum of 3 years of experience in application security assessment, penetration testing, or secure coding practices.
• Strong knowledge of application security best practices, vulnerability assessment, and remediation.
• Proficiency in security tools and technologies for application security.
• Experience with secure coding practices and software development methodologies.
• Familiarity with industry standards and regulatory requirements related to application security.
• Excellent problem-solving and communication skills.
• Security certifications, such as Certified Information Systems Security Professional (CISSP), Certified Application Security Engineer (CASE) or Certified Application Security Tester (CAST), are a plus.