Responsibilities of the Role:
- Perform regular vulnerability scanning on servers, endpoints, applications, databases, network devices, and cloud systems.
- Analyze scan results, validate false positives, and prioritize vulnerabilities based on severity and risk.
- Conduct manual and automated penetration testing such as Web and mobile applications, Network infrastructure (internal and external), APIs and cloud environments.
- Monitor compliance with relevant frameworks for the cloud environments (e.g., ISO 27001, NIST, CIS Benchmarks, SOC 2, PCI DSS, GDPR).
- Monitoring, troubleshooting security and network events.
- Analyze and respond to security threats from Firewall (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Antivirus (AV), Endpoint Detection and Response (EDR) and other security threat data sources.
- Strong knowledge of OWASP Top 10, SANS Top 25, MITRE ATT&CK, and common exploit techniques.
- Hands-on experience with VAPT tools and manual testing techniques.
Requirements for the Role:
- A Degree in computer science/cybersecurity or equivalent from a recognized university/institute.
- At least two years ICT industry experience in configuring, managing, and troubleshooting.
- Interpersonal skills and experience in presenting security incidents.
- Teamwork skills.
- Good written and oral communications skills.
- Work experience in a SOC is an added advantage.
- ICT security certifications are an added advantage.
The Package:
- Attractive Salary (RM7,000).
- Performance related bonus for confirmed staff.
- 6 months contract.
- 12 days Annual Leave.
- 14 days Medical Leave.
- Working Location: Kuala Lumpur.