This job has been added to your Saved jobs.
You have reached the limit of 20 Saved Jobs. If you want to create a new one, please manage your Saved Jobs.
Job Expertise:
Job Domain:
Software Products and Web Services
Job description
Key Responsibilities
1. Security Strategy & Governance
- Develop and execute the company's cybersecurity strategy aligned with business objectives and risk appetite.
- Define security priorities, roadmap, and investment plans to strengthen the organization's overall security posture.
- Establish security policies, standards, and best practices across the business.
- Build and maintain a comprehensive asset inventory and risk register to identify, assess, and manage security risks.
- Present security risks, initiatives, and progress updates to senior management in a clear, business-focused manner.
2. Security Assessment & Risk Management
- Plan, coordinate, and perform security assessments across web applications, APIs, infrastructure, and cloud environments.
- Conduct penetration testing, vulnerability assessments, and business logic testing to identify security weaknesses.
- Evaluate platform security risks, including account takeover, payment fraud, transaction abuse, bonus abuse, and platform integrity.
- Scope, manage, and collaborate with external penetration testing and red team vendors, ensuring identified findings are remediated effectively.
- Establish and manage vulnerability management processes, including risk prioritization and remediation tracking.
3. Security Operations & Incident Response
- Develop and maintain security monitoring, incident detection, and incident response processes.
- Lead or support security investigations, incident handling, and post-incident reviews.
- Coordinate security testing exercises, including phishing simulations and social engineering assessments.
- Ensure timely response to emerging threats and continuously improve operational security controls.
4. Secure Engineering & Cross-functional Collaboration
- Partner closely with Engineering and Product teams to embed security throughout the software development lifecycle.
- Review new applications, systems, and features to identify potential security risks and recommend appropriate controls.
- Provide security guidance on secure coding practices, cloud security, and infrastructure hardening.
- Collaborate with cross-functional stakeholders to ensure security requirements are integrated into business initiatives.
5. Continuous Improvement & Security Awareness
- Build and scale the cybersecurity function as the organization grows.
- Drive security awareness initiatives and promote a strong security culture across the company.
- Evaluate new security technologies, tools, and industry best practices to enhance organizational security capabilities.
- Continuously improve security processes, governance, and operational effectiveness through ongoing assessment and innovation.
Your skills and experience
Cybersecurity & Risk Management
- Minimum 5 years of experience in cybersecurity, with strong hands-on expertise in penetration testing, security engineering, or offensive security.
Application, Infrastructure & Cloud Security
- Strong knowledge of web application security, API security (OWASP), network and infrastructure security, and cloud security, preferably AWS.
Security Testing & Incident Response
- Experience conducting penetration testing, vulnerability management, business logic testing, and incident response activities.
Vendor & Project Management
- Experience managing external security vendors, including penetration testing and red team engagements, while ensuring effective remediation of identified risks.
Communication & Stakeholder Management
- Excellent communication skills with the ability to translate technical security risks into clear, business-oriented recommendations for management and cross-functional stakeholders.
Ownership & Problem-solving
- Highly proactive with a strong sense of ownership, excellent analytical skills, attention to detail, and the ability to work independently in a fast-paced environment.
Why you'll love working here
- Birthday leave
- Competitive salary package
- Learning & development opportunities
OrgScale Recruitment
Company type
Headhunt
Company industry
Staffing and Recruiting
Company size
51-150
employees
Country
Malaysia
Working days
Monday - Friday
Overtime policy
No OT
More jobs for you
Get similar jobs by email
Subscribe
Feedback