Enable job alerts via email!
Application Security Engineer
Emmbr
Kuala Lumpur
Hybrid
MYR 150,000 - 200,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A global technology firm in Kuala Lumpur is seeking a skilled security professional to embed security into the software development lifecycle. You will work closely with engineering teams to enhance product security by leveraging best practices and leading tools in application security. The ideal candidate has strong experience with tools like Veracode and Snyk, and familiarity with cloud-native environments such as AWS and Kubernetes. Join us to work in a collaborative hybrid environment with a competitive salary and bonus.
Benefits
Qualifications
- Strong experience with application security tools like Veracode and Snyk.
- Familiar with cloud-native environments like AWS and Kubernetes.
- Comfortable interpreting logs and identifying risks.
Responsibilities
- Embed security into the SDLC through code reviews and threat modelling.
- Operate and optimise application security tooling across CI/CD.
- Collaborate with engineering teams to enhance security.
Skills
Tools
- Global high growth business, expanding capability in ASIA
- Work with some of the best engineers, permanent full time, hybrid
- Competitive salary + bonus, hybrid office setting
Bring your passion for secure coding and modern DevSecOps practices into a global business where security is built into every stage of development. You'll play a key role in strengthening product security by embedding best practices, guiding developers, and leveraging leading tools across SAST, DAST, IAST, and SCA. This is an opportunity to influence secure design at scale while working hands-on with cutting-edge technology stacks.
- Embed security into the SDLC through code reviews, design reviews, and threat modelling.
- Operate and optimise application security tooling (SAST, DAST, IAST, SCA) across CI/CD pipelines.
- Collaborate with engineering teams to drive shift-left security and security champion initiatives.
- Provide expert guidance on secure coding, cloud security, and vulnerability management.
- Contribute to security standards, playbooks, and compliance frameworks.
- Strong experience with application security tools (e.g. Veracode, Snyk, Checkmarx, Burp Suite).
- Familiar with cloud-native environments (AWS, containers, Kubernetes) and infrastructure-as-code.
- Comfortable interpreting logs and identifying risks using platforms like Splunk or Datadog.
- Knowledge of security frameworks (OWASP Top 10, ASVS, MITRE ATT&CK) and regulatory standards.
Be careful - Don’t provide your bank or credit card details when applying for jobs. Don't transfer any money or complete suspicious online surveys. If you see something suspicious, report this job ad.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
