
Softenger Malaysia • Malaysia
Salary: MYR 12,000 / month
Role & seniority: Hands-on individual contributor, Senior security engineer specializing in application security and penetration testing.
Stack/tools: Web/mobile/API security; secure SDLC; CI/CD security; regulatory/compliance (MAS TRM, BNM RMiT). Tools: Burp Suite, OWASP ZAP, Fortify, Checkmarx, Black Duck, Nessus, Aqua, Qualys.
Conduct penetration testing for web, mobile, and API applications; perform secure code reviews and vulnerability assessments (SAST/DAST/IAST/SCA, container image security).
Triage, validate, prioritize, and track findings; collaborate with DevOps/engineering to ensure timely remediation; embed security controls into CI/CD pipelines.
Maintain security documentation and evidence for audits; ensure compliance with internal policies and MAS TRM, MAS Cyber Hygiene, BNM RMiT; support audits and regulatory inspections.
7+ years IT security experience; 4+ years in project-based and annual penetration testing (web, mobile, API).
Strong application security knowledge (OWASP Top 10) and hands-on in SAST/DAST/IAST/SCA and container image security.
Proficiency with listed security testing tools; working knowledge of MAS TRM, MAS Cyber Hygiene, BNM RMiT.
Ability to triage and manage vulnerabilities; collaboration with development/DevOps teams.
Professional certifications such as CREST, OSCP+, OSEP, or GPEN.
Location & work type: Kuala Lumpur, contractual position.
Job Location: Kuala Lumpur
Job Type: Contractual
Max Salary: Up to RM12000 per month
Key Responsibilities
Conduct penetration testing for web, mobile, and API applications.
Perform secure code reviews, SAST, DAST, SCA, IAST, and container image assurance to identify vulnerabilities early in the SDLC.
Execute vulnerability assessments across applications, middleware, and supporting systems.
Use industry tools including Burp Suite, OWASP ZAP, Fortify, Checkmarx, Black Duck, Nessus, Aqua, and Qualys.
Triage, validate, prioritize, and track security findings through remediation.
Collaborate with development, DevOps, and infrastructure teams to ensure timely vulnerability closure.
Embed application security controls into CI/CD pipelines.
Provide guidance on secure coding practices.
Maintain security documentation and evidence for audits and regulatory reviews.
Ensure compliance with internal policies, MAS TRM, MAS Cyber Hygiene, BNM RMiT, and industry best practices.
Support audits, risk assessments, and regulatory inspections related to application security.
Requirements
Bachelor’s degree in Information Security, Computer Science, or related field.
7+ years of IT security experience, including 4+ years in project-based and annual penetration testing (web, mobile, API).
Strong expertise in application security, OWASP Top 10, and common attack vectors.
Hands-on experience in secure code reviews, SCA, container image security, and vulnerability assessments.
Proficiency with the listed security testing tools.
Working knowledge of MAS TRM, MAS Cyber Hygiene, and BNM RMiT.
Professional certifications such as CREST, OSCP+, OSEP, or GPEN are preferred.
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: IT Services and IT Consulting