Browse Job Categories

System Security Analyst


Job ID:



Petaling Jaya, SGR, Malaysia


Engineering, Information Technology, Programming

Job Views:


Employment Type:




Job Description:

The role’s prime objective is to support the execution of mobile app and connected appliances strategy in Asia Pacific.
You will report to the Regional IT Manager and work closely with your peers, locally and across the region.  You will use your experience and knowledge to introduce and improve common best practices and standards in delivering IT application services.
The role requires the candidate to have strong knowledge/experience in OWASP SAMM, Information protection, Data Loss protection and Threat protection. Experience in Thread protection is a must.
Strong understanding of market trends in DevOps, IoT, Mobility and cloud computing is necessary. Effective cross-functional collaboration skills are desired in the ideal candidate.
The role involves defining or using a framework for a common way of working through developing common processes and IT tools which are robust and meet the business requirements.
  • Candidate must possess at least Bachelor's Degree/Post Graduate Diploma/Professional Degree in Computer Science/Information Technology or equivalent.
  • Required language(s): English
  • At least 7 Year(s) of working experience in the related field is required for this position & at least 3 years in Security
  • Knowledge of OWASP SAMM, STRIDE Thread Modelling, Threat /Vulnerability assessment;
  • Secure Source code deployment;
  • Application Security;
  • Governance, Compliance & Audit;
  • Identity & Access Management;
  • Programming languages: JS, Swift, Java (strong knowledge);
  • Tools: Sonar Cube, Appium Studio, Android Studio, XCode, Mobile First Platform;
  • CSP: IBM cloud, Microsoft Azure; 
  • Preferably Manager specialized in IT/Computer - Network/System/Database Admin or equivalent.
  • Planning and implementation of preventive security measures like installing firewalls, encryptions or security enhancements;
  • Preventing data loss and service interruptions;
  • Perform Risk/Threat analysis on system boundaries using threat classification models like STRIDE;
  • Creating testing and implementing disaster recovery plans;
  • Testing of data processing and storage systems;
  • Review source code with every release using source code review tools like SonarCube;
  • Support penetrating testing conducted by external suppliers;
  • Anticipate and respond to security alerts, intrusions, attacks etc;
  • Incorporate OWASP SAMM into our existing SDLC;
  • API validation and testing;

Please sent your latest resume to :
Apply or contact for info: