Search other roles

Lead Application Security Engineer

Lead Security Application Engineer
OWASP Security Practices - Global Insurer - Kuala Lumpur, Malaysia
Up to RM 18,000 per month - 12 Months Fixed term contract
2020-10-13



Contract or Temp
Not Specified
Sydney

Great opportunity to work for a Global Insurer based in Kuala Lumpur. This is a 12 months fixed term contract for a newly created team for one of the world’s leading insurers. We are hiring a Lead Application Security Engineer who has ideally moved from Software Development into Security.
   
Part of your role will be to advise the Development team as to what areas to investigate regarding Vulnerability and to let them know what type of Remediation they will need to take.
  
Knowing Application Security (AppSec) concepts and best practice is a MUST for this one.
  
Key Responsibilities

  • Successfully lead the implementation of a critical and complex part of an Application Security Tools and Services suggested by the global team. This includes building brand new systems, or enhancements, modifications to existing systems
  • Establish the AppSec process from scratch.
  • Drive the end-to-end Vulnerability Management process including pentest, remediation, governance, etc.
  • Must be very handy with OWASP Top 10 and pentests as well. Sometimes manual source code review is required too as part of the job/process
  • Knowledge of DevSecOps and set up a secure CI/CD process, adding security gates in DevOps pipeline
  • Knowing Application Security concepts and best practice is a must for this one.
  • Analyzes and oversees the development of information security governance, including organizational policies, procedures, standards, baselines, and guidelines with respect to information security 

*This is not an Infrastructure / Network / Firewalls type of Security Engineer; it is Application focused*
  
Requirements & Qualifications

  • 5+ years of experience as a System Security Engineer or similar role
  • Certification, such as CCNA or equivalent
  • WLAN; PEN test; AppScan; Threat Model
  • Attack vectors such as XSS, Injection, Hijacking
  • Knowledge of Content Delivery Networks
  • Basic programming knowledge – quick understanding and grasp of the technical solution

Why should you apply for this role?

  • Global Business with Global Opportunities
  • Build new systems and work alongside Architects, Managers, and other Leads, sharing ideas in a collaborative environment
  • It is a New Role! So, the company recognises the need for the position and will be open to your fresh new ideas and you won’t be picking up half-finished work by your predecessor.
  • Awesome location in Kuala Lumpur, Malaysia
  • Decent, approachable manager

If you’re interested in finding out more about the position, please send through your cv to [email protected] as a word doc. I look forward to hearing from you and discussing the role and company in more detail.

Apply now


  (Files allowed: pdf, doc, docx. Max size 2MB)