Việc làm này đã được thêm vào mục Việc làm đã lưu.
Bạn đã lưu tối đa 20 việc làm. Nếu bạn muốn lưu mới, hãy cập nhật Việc làm đã lưu.
Chuyên môn:
Lĩnh vực:
Sản Phẩm Phần Mềm và Dịch Vụ Web
Mô tả công việc
Key Responsibilities
1. Security Strategy & Governance
- Develop and execute the company's cybersecurity strategy aligned with business objectives and risk appetite.
- Define security priorities, roadmap, and investment plans to strengthen the organization's overall security posture.
- Establish security policies, standards, and best practices across the business.
- Build and maintain a comprehensive asset inventory and risk register to identify, assess, and manage security risks.
- Present security risks, initiatives, and progress updates to senior management in a clear, business-focused manner.
2. Security Assessment & Risk Management
- Plan, coordinate, and perform security assessments across web applications, APIs, infrastructure, and cloud environments.
- Conduct penetration testing, vulnerability assessments, and business logic testing to identify security weaknesses.
- Evaluate platform security risks, including account takeover, payment fraud, transaction abuse, bonus abuse, and platform integrity.
- Scope, manage, and collaborate with external penetration testing and red team vendors, ensuring identified findings are remediated effectively.
- Establish and manage vulnerability management processes, including risk prioritization and remediation tracking.
3. Security Operations & Incident Response
- Develop and maintain security monitoring, incident detection, and incident response processes.
- Lead or support security investigations, incident handling, and post-incident reviews.
- Coordinate security testing exercises, including phishing simulations and social engineering assessments.
- Ensure timely response to emerging threats and continuously improve operational security controls.
4. Secure Engineering & Cross-functional Collaboration
- Partner closely with Engineering and Product teams to embed security throughout the software development lifecycle.
- Review new applications, systems, and features to identify potential security risks and recommend appropriate controls.
- Provide security guidance on secure coding practices, cloud security, and infrastructure hardening.
- Collaborate with cross-functional stakeholders to ensure security requirements are integrated into business initiatives.
5. Continuous Improvement & Security Awareness
- Build and scale the cybersecurity function as the organization grows.
- Drive security awareness initiatives and promote a strong security culture across the company.
- Evaluate new security technologies, tools, and industry best practices to enhance organizational security capabilities.
- Continuously improve security processes, governance, and operational effectiveness through ongoing assessment and innovation.
Yêu cầu công việc
Cybersecurity & Risk Management
- Minimum 5 years of experience in cybersecurity, with strong hands-on expertise in penetration testing, security engineering, or offensive security.
Application, Infrastructure & Cloud Security
- Strong knowledge of web application security, API security (OWASP), network and infrastructure security, and cloud security, preferably AWS.
Security Testing & Incident Response
- Experience conducting penetration testing, vulnerability management, business logic testing, and incident response activities.
Vendor & Project Management
- Experience managing external security vendors, including penetration testing and red team engagements, while ensuring effective remediation of identified risks.
Communication & Stakeholder Management
- Excellent communication skills with the ability to translate technical security risks into clear, business-oriented recommendations for management and cross-functional stakeholders.
Ownership & Problem-solving
- Highly proactive with a strong sense of ownership, excellent analytical skills, attention to detail, and the ability to work independently in a fast-paced environment.
Tại sao bạn sẽ yêu thích làm việc tại đây
- Birthday leave
- Competitive salary package
- Learning & development opportunities
OrgScale Recruitment
Mô hình công ty
Headhunt
Lĩnh vực công ty
Cung Ứng và Tuyển Dụng
Quy mô công ty
51-150
nhân viên
Quốc gia
Malaysia
Thời gian làm việc
Thứ 2 - Thứ 6
Làm việc ngoài giờ
Không có OT
Việc làm tương tự dành cho bạn
Nhận các việc làm tương tự qua email
Nhận thông báo
SUPER HOT
Đăng
1 ngày trước
[HN] Solution Architect (AWS, Cloud, Presale, Database)
Tại văn phòng
Hà Nội
HOT
Đăng
2 ngày trước
Middle DevOps Engineer (AWS, IAM/CloudFormation)
Linh hoạt
TP Hồ Chí Minh - Đà Nẵng
Góp ý