Security Engineer (Junior) - AIA Berhad

  • Cyberjaya, Selangor, Malaysia
  • Apply by: Jan 01, 2026
  • 1 Vacancy
  • Local Candidates (Malaysia)
  • Shift: First Shift (Morning)
  • Career Level: Experienced Professional
  • Degree: Graduate
  • Experience: Year
  • Full Time/Permanent
  • Work from Office
Hurry Up!! Already 7 People Have Applied For This Job
Job is expired
Job Description

Roles/Responsibilities:

 

Security Engineering

  • Perform source code review and penetration test for web applications and mobile applications
  • Support application team to review security issues and come out a practical remediation plan to drive timely remediation
  • Review and analyse vulnerability data to identify security risks to the organization's environment and application security and determine any reported vulnerabilities that are false positive part of the scans
  • Work with Application team with API Security, Container Security, Azure Cloud Security
  • Work closely with application development team to proactively review the issues identified from source code review and penetration test and drive the remediation discussion and execution
  • Support CI/CD process, continuous integration (Git), continuous deployment (Travis/Jenkins), and deployment orchestration (Ansible, puppet, or equivalent)
  • Support and work with APIs and Plugins to integrate security tools into established CI/CD pipelines
  • Collaborate with application developers and database administrators to deliver creative solutions to difficult technology challenges and business requirements.
  • Responsible for automating security controls, data and processes to provide improved metrics and operational support.

 

Requirements:

  • Education –

University degree in one of the following or related disciplines (Computer Science, Computer Engineering, Information Security, Information Systems)

  • Experience –
  • 2 - 5 years of experiences of information security domain, especially hands on experience for source code review and penetration test
  • Proficiency and hands on experience in Java/JavaScript Programming and Bash, Python or other scripting languages etc
  • Family with industry security tools, Veracode, SonarQube, Fortify, Snyk, MAST etc in the CI/CD pipelines: Azure DevOps, Bamboo, Jenkins
  • Experience with working on open-source software related to Intrusion Detection, Prevention, and File Integrity Monitoring Systems and Flow based solutions – a plus
  • Experience coordinating and performing vulnerability assessments through the use of automated and manual tools (Tenable, Qualys, etc). – a plus
  • Experience configuring, implementing and leveraging computer security and networking diagnostic/monitoring tools – a plus
  • Knowledge of Windows and Linux patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc) – a plus
  • Good interpersonal and communication skill
  • Good team player with a high integrity, proactive mindset, and strong ownership
  • Certifications/licenses
  • Preferably a holder of one or more of the following information security and audit qualifications: CISSP, CEH
Benefits
. Vision
. Health
Skills Required