Lead, Penetration Tester

4 days ago

Kuala Lumpur, Kuala Lumpur, Malaysia Ambition Full time $80,000 - $180,000 per year

About the Client

Our client is a leading regional financial institution with a dedicated technology and innovation centre based in Kuala Lumpur. The organisation is currently undergoing a large-scale cloud transformation, with a strong focus on strengthening its security posture, modernising legacy platforms, and enhancing governance across digital initiatives.

Key Responsibilities

  • Lead complex penetration testing and red-team exercises across AWS, Azure, and GCP, simulating real-world attack scenarios to identify weaknesses in cloud configurations, IAM, networking, containers, and serverless environments.
  • Design, enhance, and operationalise cloud security testing methodologies, tooling, threat modelling exercises, and advanced exploitation techniques.
  • Implement and manage Threat & Vulnerability Management (TVM) tools within Cloud and DevSecOps environments, including integration into CI/CD pipelines with automated security testing (SAST, DAST, IAST).
  • Build custom scripts, tools, and proof-of-concepts to demonstrate impact of vulnerabilities, and perform deep exploitation of misconfigurations, APIs, privilege escalation paths, and data exposure risks.
  • Mentor and guide junior cloud security testers through technical training, peer reviews, and knowledge-sharing to uplift team capability.
  • Collaborate closely with Cloud Teams, Cloud Security Architects, DevSecOps, and VA & Remediation teams to advise on secure cloud deployment practices, support audit evidence requirements, and stay ahead of emerging cloud-native threats and regulatory expectations

Requirements

  • At least 5 years of experience in penetration testing, with strong hands-on exposure to offensive security across AWS, Azure, and GCP; deep understanding of IAM, cloud networking, compute, serverless, containers (Kubernetes), storage, and cloud-native logging.
  • Proficient in offensive security tools such as Pacu, ScoutSuite, Prowler, Burp Suite, Nmap, and highly skilled in custom scripting (Python, Bash, PowerShell).
  • Experienced with IaC and CI/CD tooling including Terraform, CloudFormation, Jenkins, GitLab CI, with strong knowledge of secure automation and pipeline practices.
  • Strong understanding of MITRE ATT&CK for Cloud, adversary simulation techniques, and attacker TTPs used in modern cloud exploitation.
  • Excellent analytical and communication capabilities, able to present findings clearly to both technical stakeholders and senior leadership.
  • Demonstrated leadership and mentoring abilities, with a self-driven, collaborative mindset suitable for fast-paced, cross-functional cloud and security environments.

  • Lead - Penetration Tester

    6 days ago

    Kuala Lumpur, Kuala Lumpur, Malaysia Axiata Digital Labs Full time 120,000 - 240,000 per year

    Summary You will be responsible for managing a team of penetration testers, designing and executing complex security assessments, and ensuring the security posture of critical systems and applications across our organization. You will also serve as a subject matter expert in identifying vulnerabilities, providing remediation strategies, and developing threat...

  • Penetration Tester

    12 hours ago

    Kuala Lumpur, Kuala Lumpur, Malaysia PAN ASIA SOFTWARE SOLUTIONS SDN BHD Full time

    Job Title : Penetration TesterResponsible managing a team of penetration testers, designing and executing complex security assessments, and ensuring the security posture of critical systems and applications across our organization. You will also serve as a subject matter expert in identifying vulnerabilities, providing remediation strategies, and developing...

  • Penetration Tester

    11 hours ago

    Kuala Lumpur, Kuala Lumpur, Malaysia FIRMUS Full time

    The Penetration Tester will be serving as the Penetration Testing Lead, is a technical leadership role responsible for steering and executing advanced offensive security engagements. This role requires a security practitioner capable of designing, managing, and delivering comprehensive security assessments including penetration testing, red teaming, and...

  • Penetration Tester

    1 week ago

    Kuala Lumpur, Kuala Lumpur, Malaysia Hytech Consulting Management Sdn Bhd Full time 120,000 - 240,000 per year

    About The Role:The Penetration Tester will be responsible for assessing the security of our network, applications, and infrastructure by identifying vulnerabilities and weaknesses that could be exploited by malicious actors. You will work closely with cybersecurity and development teams to provide actionable insights and recommendations, helping us protect...

  • Penetration Tester

    1 week ago

    Kuala Lumpur, Kuala Lumpur, Malaysia R Systems Full time 120,000 - 240,000 per year

    Position Title: Penetration Testing & Vulnerability Assessment (PTVA)Department: Information SecurityLocation: Kuala LumpurRole OverviewThe PTVA PIC is responsible for coordinating and executing the bank's penetration testing andvulnerability assessment activities. This role ensures that assessments are conducted effectively,vulnerabilities are identified...

  • Security Penetration Tester

    7 days ago

    Kuala Lumpur, Kuala Lumpur, Malaysia BAE Systems Full time 120,000 - 180,000 per year

    Location(s): Asia-Pacific & Middle East : Malaysia : Kuala LumpurBAE Systems Digital Intelligence is home to 4,500 digital, cyber and intelligence experts. We work collaboratively across 10 countries to collect, connect and understand complex data, so that governments, nation states, armed forces and commercial businesses can unlock digital advantage in the...

  • Senior Penetration Testing Lead

    1 week ago

    Kuala Lumpur, Kuala Lumpur, Malaysia FIRMUS Full time 120,000 - 240,000 per year

    Role DescriptionThe Senior Penetration Testing Lead is a technical leadership role responsible for steering and executing advanced offensive security engagements. This role requires a security practitioner capable of designing, managing, and delivering comprehensive security assessments—including penetration testing, red teaming, and application security...

  • Tester

    11 hours ago

    Kuala Lumpur, Kuala Lumpur, Malaysia PAN ASIA SOFTWARE SOLUTIONS SDN BHD Full time

    Job Title : TesterLocation : Bangi/KL Tun RazakPrimary Objectives· Collaborate with Test Manager, Test Lead, Business User to ensure smooth testing delivery· Ensure test coverage includes functional and non-functional requirements.· Maintain test documentation and ensure traceability to requirements.· Execute manual and/or automated tests to validate...

  • Technical Tester – Internet

    1 week ago

    Kuala Lumpur, Kuala Lumpur, Malaysia Tentacle Infotech Full time 108,000 - 114,000 per year

    Job Title: Senior QA / Test Analyst – Internet & Core Banking SystemsCompetencies and SkillsQualificationsEducation: Minimum Bachelor's Degree or Diploma in Computer Science, Information Technology, or a related discipline.Professional Certification:CTFL (Certified Tester Foundation Level) certification is an added advantage.Exposure to CMMi/TMMi testing...

  • SAP Tester

    1 week ago

    Kuala Lumpur, Kuala Lumpur, Malaysia Verinon Technology Solutions Sdn Bhd Full time 60,000 - 80,000 per year

    About the role We are seeking an experienced SAP Tester to join our team at Verinon Technology Solutions Sdn Bhd on a contract basis. As an SAP Tester, you will play a crucial role in ensuring the quality and reliability of our SAP software solutions. This is an excellent opportunity to work with a leading provider of information and communication...