API Security
4 days ago
Summary
We are seeking a highly skilled API Security and Vulnerability Management Specialist to join Digital Security Application Security Testing team. The ideal candidate will be responsible for ensuring the security of our APIs through comprehensive scanning, automation, configuration and reporting. This role requires a deep understanding of API development, testing, and security best practices.
Responsibilities
- Manually and automatically onboard API scans to identify and address security vulnerabilities on API Security Platform.
- Develop and maintain automation scripts to facilitate security testing and vulnerability management process, such as API Security Platform onboarding, vulnerability reporting and dashboard (PowerBI), etc.
- Configure API authentication for various types, including OAuth, JWT, and basic authentication.
- Ensure that all authentication mechanisms are secure and compliant with industry standards.
- Manually and automatically generate detailed status reports and vulnerability summaries from scanning tools.
- Work closely with development teams to address identified vulnerabilities and ensure timely remediation.
- Collaborate with development teams to ensure security best practices are integrated into the API development lifecycle.
- Monitor and analyze security logs and alerts from API Security Platform.
- Collect requirements from upstream teams, build automated workflow / solution to reduce manual effort and improve vulnerability management end-to-end efficiency.
- Analyze vulnerability trends over time and contribute to updates in AIA's security standards and SOPs.
Requirements
- Bachelor's degree in Information Technology, Computer Science or any related fields.
- Extensive 5 years' experience with API development and testing.
- Proficiency in using API testing tools such as Postman, SOAP-UI, curl, and others.
- Strong command of Python and Java programming languages.
- Experience in software testing such as unit test, functional test, etc.
- Understanding of software development principles, methodologies, and best practices.
- Strong analytic skills related to large data sets, good problem-solving skills.
- Ability to identify and assess security risks in software applications.
- Familiarity with security frameworks and best practices, including OWASP API Top 10.
- Experience with Azure Kubernetes Service (AKS)
- Experience with Azure API Management(APIM), Software AG webmethods and Ali API gateways
- API security best practices.
- Experience with cloud-native API security and microservices architecture.
- Familiarity with containerization technologies (e.g., Docker, Kubernetes).
- Strong analytical skills to interpret security scan results and derive actionable insights.
- Ability to solve complex problems and implement effective security measures.
- Proficiency in Mandarin to effectively support Mandarin-speaking stakeholders.
- Excellent English communication skills, both written and verbal, to effectively collaborate with cross-functional teams.
-
API Security Specialist
1 week ago
Kuala Lumpur, Kuala Lumpur, Malaysia Avows Technologies Sdn Bhd Full time 80,000 - 120,000 per yearExperience: 3 to 5 yearsOpen for Malaysian candidate onlyJob Overview:We are seeking a highly skilled API Security Specialist to join Digital Security Application Security Testing team. The ideal candidate will be responsible for ensuring the security of our APIs through comprehensive scanning, automation, configuration and reporting. This role requires a...
-
Cloud Security Engineer
2 weeks ago
Kuala Lumpur, Kuala Lumpur, Malaysia EPS Ventures Sdn Bhd Full time 80,000 - 150,000 per yearLocation: Bangsar South, KLWorking Hour: Monday-Friday, 9am-6pm (Onsite, Flexi Working Hour)Industry: E-wallet IndustryResponsibilities:Design and implement secure cloud architectures in AWS, Azure, or Alibaba Cloud.Implement and enforce strong Identity and Access Management (IAM) controls, including least privilege, RBAC, MFA, and privileged access...
-
Cloud Security Engineer
2 weeks ago
Kuala Lumpur, Kuala Lumpur, Malaysia G2G Full time $80,000 - $120,000 per yearSecurity Architecture & Implementation: Design and implement secure, scalable, and resilient cloud infrastructure architectures across AWSIdentity & Access Management (IAM): Enforce the principle of least privilege by implementing and managing robust IAM policies, Role-Based Access Control (RBAC), and Multi-Factor Authentication (MFA).Network Security:...
-
Back-End API Developer
6 days ago
Kuala Lumpur, Kuala Lumpur, Malaysia Frontline Data Solutions Full timeWhat You'll DoAs a Back-End API Developer you'll play a vital role in the evolution of our SaaS platform, which supports some of the world's most respected companies in high-compliance industries like chemical, oil & gas, and manufacturing.Build New Features: Collaborate with Product Managers, Frontend Developers, and fellow Backend Engineers to design and...
-
Security Development Engineer
2 weeks ago
Kuala Lumpur, Kuala Lumpur, Malaysia PayNet (Payments Network Malaysia) Full time 120,000 - 240,000 per yearSummary Of ResponsibilitiesPart of the Security Engineering team, responsible for co-developing solutions and automation workflows to improve the overall security posture of PayNet.Serve as a change agent in automation initiatives, building pipelines to enhance operational efficiency.Ensure that sound security controls are in place, commensurate with...
-
Senior Application Security Engineer
2 weeks ago
Kuala Lumpur, Kuala Lumpur, Malaysia BTI Executive Search Pte Ltd Full time $70,000 - $130,000 per yearResponsibilities:Design and validate security controls for application interfacesConduct security assessments and vulnerability researchBuild automation frameworks for security testingCollaborate with engineering teams on secure architecture patternsImplement authentication and authorization best practicesRequirements:5+ years in application security or...
-
Network Security Engineer
2 weeks ago
Kuala Lumpur, Kuala Lumpur, Malaysia Nexroar Service SDN BHD Full time 100,000 - 120,000 per yearKey KnowledgeWork experience with FSI or large security setup is preferredUnderstanding Window servers, database, network protocols, firewalls, IPS, DLP, NAC, VPN, HSM,API, SIEM and other security toolsKnowledge of security framework like NIST CSF and industry standards, ISO27001, Zero Trust andBNM RMiT.Good understanding in encryptions and techniquesAbility...
-
Java API Developer
2 weeks ago
Kuala Lumpur, Kuala Lumpur, Malaysia Oxydata Software Full time 120,000 - 180,000 per yearJava API DeveloperJob ID: 4RX66Y55Location: Jalan Yap Kwan Seng, Kuala LumpurWork Mode: Hybrid (4 days in office, 1 day WFH)Job Type: PermanentOur client is a trusted financial services leader with operations across 16 countries, serving over 1 million clients and managing more than USD 30 billion in assets. With a global workforce of 3,500+ employees,...
-
Application Security Manager
2 weeks ago
Kuala Lumpur, Kuala Lumpur, Malaysia Great Eastern Full time 120,000 - 200,000 per yearAbout the JobThe Manager, Application Security is responsible for strengthening our enterprise application security posture. This is a hands-on individual contributor role responsible for performing penetration testing, secure code review, software composition analysis, container image assurance, and vulnerability assessments, as well as managing findings...
-
Manager, Application Security
2 weeks ago
Kuala Lumpur, Kuala Lumpur, Malaysia Great Eastern Full time 900,000 - 1,200,000 per yearAbout the JobThe Manager, Application Security is responsible for strengthening our enterprise application security posture. This is a hands-on individual contributor role responsible for performing penetration testing, secure code review, software composition analysis, container image assurance, and vulnerability assessments, as well as managing findings...
