Explore outstanding Cloud & Infrastructure jobs.
See now

Remote - Cyber Security Lead (OWASP, AWS, CISSP)

OrgScale Recruitment
., Ho Chi Minh
Ha Noi, Ha Noi
., Da Nang
Remote
Posted 11 hours ago
Job Expertise:
Job Domain:
Software Products and Web Services

Job description

Key Responsibilities

1. Security Strategy & Governance

  • Develop and execute the company's cybersecurity strategy aligned with business objectives and risk appetite.
  • Define security priorities, roadmap, and investment plans to strengthen the organization's overall security posture.
  • Establish security policies, standards, and best practices across the business.
  • Build and maintain a comprehensive asset inventory and risk register to identify, assess, and manage security risks.
  • Present security risks, initiatives, and progress updates to senior management in a clear, business-focused manner.

2. Security Assessment & Risk Management

  • Plan, coordinate, and perform security assessments across web applications, APIs, infrastructure, and cloud environments.
  • Conduct penetration testing, vulnerability assessments, and business logic testing to identify security weaknesses.
  • Evaluate platform security risks, including account takeover, payment fraud, transaction abuse, bonus abuse, and platform integrity.
  • Scope, manage, and collaborate with external penetration testing and red team vendors, ensuring identified findings are remediated effectively.
  • Establish and manage vulnerability management processes, including risk prioritization and remediation tracking.

3. Security Operations & Incident Response

  • Develop and maintain security monitoring, incident detection, and incident response processes.
  • Lead or support security investigations, incident handling, and post-incident reviews.
  • Coordinate security testing exercises, including phishing simulations and social engineering assessments.
  • Ensure timely response to emerging threats and continuously improve operational security controls.

4. Secure Engineering & Cross-functional Collaboration

  • Partner closely with Engineering and Product teams to embed security throughout the software development lifecycle.
  • Review new applications, systems, and features to identify potential security risks and recommend appropriate controls.
  • Provide security guidance on secure coding practices, cloud security, and infrastructure hardening.
  • Collaborate with cross-functional stakeholders to ensure security requirements are integrated into business initiatives.

5. Continuous Improvement & Security Awareness

  • Build and scale the cybersecurity function as the organization grows.
  • Drive security awareness initiatives and promote a strong security culture across the company.
  • Evaluate new security technologies, tools, and industry best practices to enhance organizational security capabilities.
  • Continuously improve security processes, governance, and operational effectiveness through ongoing assessment and innovation.

Your skills and experience

Cybersecurity & Risk Management

  • Minimum 5 years of experience in cybersecurity, with strong hands-on expertise in penetration testing, security engineering, or offensive security.

Application, Infrastructure & Cloud Security

  • Strong knowledge of web application security, API security (OWASP), network and infrastructure security, and cloud security, preferably AWS.

Security Testing & Incident Response

  • Experience conducting penetration testing, vulnerability management, business logic testing, and incident response activities.

Vendor & Project Management

  • Experience managing external security vendors, including penetration testing and red team engagements, while ensuring effective remediation of identified risks.

Communication & Stakeholder Management

  • Excellent communication skills with the ability to translate technical security risks into clear, business-oriented recommendations for management and cross-functional stakeholders.

Ownership & Problem-solving

  • Highly proactive with a strong sense of ownership, excellent analytical skills, attention to detail, and the ability to work independently in a fast-paced environment.

Why you'll love working here

  • Birthday leave
  • Competitive salary package
  • Learning & development opportunities

OrgScale Recruitment

Company type
Headhunt
Company industry
Staffing and Recruiting
Company size
51-150 employees
Country
Malaysia
Working days
Monday - Friday
Overtime policy
No OT

More jobs for you

Get similar jobs by email Subscribe