Enable job alerts via email!
Application Security Engineer (Pentester)
P2P
Kuala Lumpur
On-site
MYR 150,000 - 200,000
Full time
30+ days ago
Boost your interview chances
Create a job specific, tailored resume for higher success rate.
Create a job specific, tailored resume for higher success rate.
Job summary
Join a forward-thinking company as a Security Analyst, where you will play a crucial role in identifying and mitigating security vulnerabilities. This dynamic position involves conducting thorough security assessments, participating in agile scrum meetings, and implementing security controls. You will have the opportunity to lead training sessions and support application-level security monitoring. If you are passionate about cybersecurity and eager to make a significant impact in a collaborative environment, this role is perfect for you. Bring your expertise and help shape the future of secure digital experiences.
Qualifications
- Minimum four years of experience in Web API testing and proficiency in BurpSuite.
- Deep understanding of OWASP Top 10 and ability to detect logic flaws.
Responsibilities
- Discover security vulnerabilities through design and source code reviews.
- Conduct security-related training sessions and provide recommendations.
Skills
Security Vulnerability Assessment
Penetration Testing
Web API Testing
Incident Response
Fluency in English
Knowledge of OWASP Top 10
Education
OSCP Certification
Equivalent Security Certification (CREST)
Tools
BurpSuite
Job description
Responsibilities
- Discover security vulnerabilities through design review, source code review and penetration testing, either manually or by using automated tools, and follow up on the remediation process
- Participant in relevant agile scrum meetings and provide professional recommendations on the design of security controls, libraries, and/or protocols
- Conduct security-related training sessions
- Implement various security control verification and risk detection through automated scripts
- Provide support on application-level security monitoring, intrusion detection, and incident response
Requirements
- OSCP (or equivalent, such as CREST) is a MUST.
- A deep understanding of OWASP Top 10 and the ability to detect and address logic flaws are highly desirable.
- Minimum four years of experience in Web API testing and proficiency in using BurpSuite is preferred.
- Experience with Mobile App testing, comprehension of jailbreaking/rooting a device, API hooking, reverse engineering, and de-obfuscation is highly beneficial
- Fluency in spoken and written English is essential, and proficiency in Mandarin would be advantageous.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
Land a better
job faster
job faster
