Information Security Specialist(IT, Cloud

About Us
Appnovation is a global, full-service digital partner that combines Strategy, Experience & Design, Engineering and Managed Services. We build digital solutions that deliver real impact today and serve as foundations for future growth. Bold ambition. Practical action. Endless possibilities.

About The Role
As a member of the IT team, the Sr. Associate, IT (Security) will be responsible for strengthening Appnovation's security posture across our corporate infrastructure and systems. Beyond core IT security responsibilities, this role offers the opportunity to extend your security expertise into client engineering projects, working with development teams on mobile applications, websites, cloud infrastructure, data processing pipelines, and AI systems.

This hybrid role is grounded in traditional IT security—managing security controls, monitoring systems, responding to incidents, and protecting corporate assets. Additionally, you'll have the chance to grow your skills in DevSecOps by contributing to software delivery projects: securing CI/CD pipelines, conducting code security reviews, assessing cloud architectures, and helping integrate security best practices throughout the software development lifecycle.

Appnovation prides itself on having an open environment focused on teamwork and growth giving you the opportunity to guide your own workload and grow your career.

You Will Have the opportunity to

IT Security & Infrastructure

• Implement and maintain information security controls across company systems and infrastructure
• Configure and manage security tools including firewalls, endpoint protection, and monitoring systems
• Support identity and access management (IAM) implementation, including multi-factor authentication
• Conduct security assessments and vulnerability scanning to identify potential weaknesses
• Support security incident response and remediation efforts
• Collaborate with IT team members to resolve security-related tickets and support requests
• Contribute to security policies and documentation aligned with business requirements
• Monitor security advisories to address emerging vulnerabilities
• Support compliance efforts with data protection regulations (GDPR, CCPA)

DevSecOps & Engineering Security

• Integrate security testing tools (SAST/DAST) into CI/CD pipelines and conduct code security analysis
• Partner with engineering teams to review security findings, prioritize remediation, and implement secure coding practices
• Conduct security assessments of mobile applications, web applications, and APIs
• Assess security of cloud infrastructure deployments, serverless architectures, and data pipelines across AWS and GCP
• Review and secure AI/ML model deployments, including data privacy, prompt injection risks, and API security for AI systems
• Provide security consultation during architecture and design phases of development projects
• Generate security reports for development projects and communicate findings to technical leadership

Who you are

• Proactive security professional with strong analytical and problem-solving skills
• Experience working embedded with development teams or in DevSecOps environments
• Comfortable bridging the gap between security, development, and infrastructure teams
• Strong collaborative and communication skills with both technical teams and business stakeholders
• Able to balance proactive security initiatives with responsive operational support
• Detail-oriented with the ability to manage multiple projects across both IT and engineering domains
• 5-8 years of experience in information security roles, with hands-on experience in:

• IT Security Fundamentals:

• Network security technologies (firewalls, IDS/IPS, VPN)

• Identity and access management (IAM) solutions
• Vulnerability assessment tools and patch management
• Security monitoring platforms and log analysis

• Endpoint protection and security policy enforcement

• DevSecOps & Application Security:

• Security tools integration into CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins)

• Web application security assessment and secure coding practices
• API security including OAuth/JWT and RESTful API testing
• Container security (Docker, Kubernetes) and infrastructure-as-code security

• Cloud security architecture (AWS or GCP environments)

• Emerging Technologies:

• Familiarity with AI/ML security considerations and securing AI system deployments

• Understanding of data privacy implications in AI applications

As an asset

• Bachelor's degree in Computer Science, Information Security, or related field
• Mandarin/Cantonese speaker is must
• Security certifications such as Security+, CEH, CISSP (Associate level acceptable), or cloud security certifications (AWS Certified Security)
• Experience with DevSecOps practices and secure SDLC methodologies
• Hands-on experience with SAST/DAST tools (e.g., SonarQube, Snyk, OWASP ZAP)
• Experience with security frameworks (ISO 27001, NIST, or CIS Controls)
• Mobile application security testing experience (iOS/Android)
• Understanding of AI/ML security risks, model security, and securing AI API integrations

This role offers the opportunity to significantly impact Appnovation's security posture while gaining exposure to diverse client environments and security challenges. You will work with cutting-edge security technologies and contribute to protecting both internal operations and client implementations.

What Appnovation Offers

• Challenging and rewarding work with real impact
• Direct Access to Cutting-Edge AI Platforms
• Diverse and Inclusive Culture
• Growth opportunities for personal and professional development
• A collaborative and innovative work environment where your ideas are valued
• Exposure to exciting projects and high-profile clients
• Supportive work environment with access to company leaders
• Hybrid working model

What Benefits Appnovation Has To Offer

• Private Medical Plan
• EPF
• Wellness Allowance
• ME Days
• Employee Assistance Programme
• Fertility and Menopause Leave

Thank you for your interest in a career with Appnovation Technologies Please note that only those selected for an interview will be contacted.

At Appnovation, we recognize that diverse teams are the strongest teams. Diversity, Equity & Inclusion is not only something that we embrace - we celebrate it We are proud to be an Equal Opportunity Employer and we encourage applicants from all backgrounds, lived experiences and industries to apply. Come join us at Appnovation, and learn more about how we stay true to our company values as we build better lives through better digital.
Accommodations are available upon request throughout the recruitment process.