Job Description

Responsibilities of the Role:

Perform regular vulnerability scanning on servers, endpoints, applications, databases, network devices, and cloud systems. Analyze scan results, validate false positives, and prioritize vulnerabilities based on severity and risk. Conduct manual and automated penetration testing such as Web and mobile applications, Network infrastructure (internal and external), APIs and cloud environments. Monitor compliance with relevant frameworks for the cloud environments (e.g., ISO 27001, NIST, CIS Benchmarks, SOC 2, PCI DSS, GDPR). Monitoring, troubleshooting security and network events. Analyze and respond to security threats from Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Endpoint Detection and Response (EDR) and other security threat data sources. Strong knowledge of OWASP Top 10, SANS Top 25, MITRE ATT&CK, and common exploit techniques. Hands-on experience with VAPT tools and manual testing techniques.

Requirements for the Role:

A Degree in computer science/cybersecurity or equivalent from a recognized university/institute. At least two years ICT industry experience in configuring, managing, and troubleshooting. Interpersonal skills and experience in presenting security incidents. Teamwork skills. Good written and oral communications skills. Work experience in a SOC is an added advantage. ICT security certifications are an added advantage.

The Package:

Attractive Salary (RM7,000). Performance related bonus for confirmed staff. 6 months contract. 12 days Annual Leave. 14 days Medical Leave. * Working Location: Kuala Lumpur.