Cybersecurity Analyst (Junior/Senior) (ID: 682188)

Design and implement advanced cybersecurity solutions to safeguard applications, data, and infrastructure. Continuously enhance security measures to mitigate emerging risks and vulnerabilities. Conduct comprehensive vulnerability assessments, penetration tests, and risk analyses to identify and remediate security gaps. Diagnose, respond to, and contain security incidents promptly to ensure minimal business impact. Maintain and enforce security best practices in alignment with relevant industry standards and regulatory requirements. Mentor and guide team members to strengthen their cybersecurity expertise and adherence to best practices. Develop and integrate security tools for proactive monitoring, detection, and incident response. Enhance automation of security testing and deployment pipelines to enable rapid and secure software delivery. Collaborate closely with development, DevOps, and IT teams to embed security throughout the software development lifecycle (SDLC).

• Bachelor’s or Master’s Degree in Computer Science, Cybersecurity, or a related discipline.
• 4–7 years of practical experience in cybersecurity.
• Proficiency in Mandarin (spoken and written) to engage effectively with Mandarin-speaking clients.
• Proven experience with anti-fraud systems, particularly in mobile application security (APK protection and analysis).
• Strong understanding of application security principles, including secure coding, encryption, authentication, and authorization.
• Hands-on experience in reverse engineering, obfuscation techniques, and tamper detection for mobile (APK) security.
• Proficient in security testing methodologies, including SAST, DAST, and penetration testing.
• Familiarity with tools such as Burp Suite, Metasploit, Frida, IDA Pro, and other reverse engineering utilities.
• Experience in implementing and managing security frameworks such as OWASP, NIST, and ISO 27001.
• Solid understanding of networking protocols, firewalls, IDS/IPS, and related security technologies.
• Proficiency in programming and scripting languages such as Python, Java, Kotlin, or C++.
• Experience with cloud security (AWS, Azure, or GCP) is an advantage.
• Hands-on experience in DevSecOps practices and CI/CD pipeline security is highly preferred.
• Strong analytical, problem-solving, and troubleshooting skills with a proactive approach to security threats.
• Excellent communication and documentation skills, with the ability to educate non-security stakeholders on best practices.
• Prior experience in a start-up environment or an entrepreneurial mindset is highly valued.