Application Security Engineer (Pentester)

Discover and address security vulnerabilities through penetration testing and code review. Contribute to security training and monitoring.

Overview

Department

Job type

Full time

Compensation

Salary not specified

Location

Kuala Lumpur, Malaysia, Southeast Asia

Resume Assistance

See how well your resume matches this job role with our AI-powered score. By uploading your resume, you agree to our Terms of Service

Click to upload

or drag and drop

pdf, doc, or docx (max. 10MB)

Ready to apply?

You're one step away - it takes less than a minute to upload your resume

Requirements

OSCP (or equivalent, such as CREST) is a MUST.

A deep understanding of OWASP Top 10 and the ability to detect and address logic flaws are highly desirable.

Minimum four years of experience in Web API testing and proficiency in using BurpSuite is preferred.

Experience with Mobile App testing, comprehension of jailbreaking/rooting a device, API hooking, reverse engineering, and de-obfuscation is highly beneficial

Fluency in spoken and written English is essential, and proficiency in Mandarin would be advantageous.

Responsibilities

Discover security vulnerabilities through design review, source code review and penetration testing, either manually or by using automated tools, and follow up on the remediation process

Participant in relevant agile scrum meetings and provide professional recommendations on the design of security controls, libraries, and/or protocols

Conduct security-related training sessions

Implement various security control verification and risk detection through automated scripts

Provide support on application-level security monitoring, intrusion detection, and incident response