Job Description:

Lead Specialist, Security Verification & Testing

Get to know the Role

As a cyber security engineer, you will find issues before an attacker does and recommend how to fix them to avoid future vulnerabilities. You may also perform social-engineering and client-side attacks that simulate real attacks to assess the risk associated with potential security breaches.

Roles & Responsibilities:

  • Perform secure design review, threat modelling, secure code review, penetration testing and assist developers in triaging scan results.
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences and make recommendations for security improvements.
  • Effectively communicate findings and strategy to stakeholders including technical staff and executive leadership.
  • Develop and socialize security standards and training courses on secure design best practices related to cryptography, authentication, access control, etc.
  • Lead engagements with Engineering teams from scoping through remediation, and mentoring less experienced staff.

The day-to-day activities:

A typical day would be reviewing the design documents of mobile applications and APIs to identify potential flaws that might be exploited. If, just by reading the documentation, you can find security flaws and propose improvements while considering the performance and the user experience, think well outside the box, or are astute enough to quickly learn these skills, then you're the type of Analyst we're looking for.

The Must Haves:

  • Background in coding, fluent in several modern programming languages.
  • Excellent understanding of secure design and coding best practices.
  • Experience using scanning tools for mobile, API and web application security testing.
  • At least 10 years' experience with a minimum of 3 of the following:
      • Strong experience with AWS, Azure or GCP
      • Design of highly-available and highly-secure solutions in financial sector
      • Design of container-based infrastructures in the cloud
      • Development of mobile applications, RESTful APIs, web applications
      • Secure code review of mobile applications, RESTful APIs, web applications
      • Penetration testing of mobile applications, RESTful APIs, web applications

Working Place:

Petaling Jaya, Selangor, Malaysia