Application Security Specialist

We are looking for a passionate Application Security Specialist to work in our client's KL Office. We need a professional who knows and likes to solve the company's information issues. 

• Seek and investigate vulnerabilities in the company's products 
• Collaborate with product development, information technology, and management 
• Participate in security assessments of service architecture 
• Develop and conduct training events for developers 
• Participate in the management of the Bug Bounty program 
• Assist developers in vulnerability mitigation according to agreed SLAs 
• Maintain, develop and automate SDLC practices 
• Assist in implementing security code review process 
• Participate in the selection and implementation of new information security systems 
• Participate in information security incident investigations 

• At least 3 years of relevant experience 
• Familiar with web application attacks, how to exploit them, and defense techniques 
• Experienced in doing penetration testing in PHP and Javascript 
• Understand the difference between threat and risk, and are familiar with vulnerability assessment 
• Understand the principles of networking and how web applications work 
• Are familiar with BurpSuite/OWASP ZAP etc 
• Familiar with the languages and frameworks for developing modern web applications 
• Familiar with manual and automated application security analysis tools 
• Familiar with SDLC 
• Verbal communication in English is easy