15 Penetration Testing jobs in Malaysia

Job functions:

• Performs any functions, within scope of authority and expertise, to provide the highest level of service and responsiveness to the members served by the bank.
• Performs, coordinates and manages assigned penetration testing co-ordination responsibilities and projects to include the creation and/or maintenance of project activities, plans, project task implementation action items.
• Supports the Head of the Department in coordinating and preparing requested items for audits, examinations, scheduling independent third-party tests such as vulnerability scans, network penetration tests, as well as various risk assessments.
• Assists with remediation plans and coordinates follow-up activities.
• Coordinates the incoming project pipeline from business units, organizing and scheduling various meetings, creating well thought-out agendas and actionable post-meeting minutes.
• Communicates to the Head of the department any project concerns or issues, potential project overruns for final resolution with others across the OU.
• In doing may complete an initial assessment of each project to gauge resource requirements, scope and complexity. Updates project status and related Heatmaps on a regular cadence.
• Works across different verticals and stakeholders in the bank to coordinate vendor managed Testing including setting an annual schedule of activities the extended team completes in including, but not limited to, updating risk assessment information, review of SOW documents, updating risk assessment information and other related forms.
• Updates all metadata (vendor names, addresses contract start, end renewals, etc.) which is used to manage the overall program across the CU. Adds new vendors and removing retired ones.
• Assists team and reports on progress throughout the year.
• Work with key stakeholders to gather, analyse requirements, and produce documentation to enable Pen Test scheduling to be agreed between application teams and external vendors.
• Build effective relationships and support Project team in defining remediation activities/solutions to address identified issues

Governance:

• Provide support to the Programme/Project Manager in assuring the delivery of the AIVM programme is in line with the Standards, the System Development Framework and other applicable standards applicable to investment delivered change
• Regular status updates including tracking against requirements
• Support Project Manager on relevant governance related working group with updates on progress, issues and solutions and track to closure

(Local Malaysians Only)

Role Responsibilities : Penetration Testing Coordinator

This Penetration Testing coordinator is an Individual Contributor role within the CSS VMIS Hive where there will be involvement in change-based initiatives that will enhance the Banks capabilities in Application and Infrastructure Vulnerability Management and cyber security risk reduction.

Penetration Testing Coordination

• Performs any functions, within scope of authority and expertise, to provide the highest level of service and responsiveness to the members served by the standard chartered
• Performs, coordinates and manages assigned penetration testing co-ordination responsibilities and projects to include the creation and/or maintenance of project activities, plans, project task implementation action items.
• Supports the Head of the Department in coordinating and preparing requested items for audits, examinations, scheduling independent third-party tests such as vulnerability scans, network penetration tests, as well as various risk assessments. Assists with remediation plans and coordinates follow-up activities.

Qualifications

• Bachelor Degree in Engineering, Computer Science/Information Technology or its equivalent.
• 3- 5 Years of experience in relevant role , Penetration Testing Coordination, Business Analyst preferably in a Banking domain and with Cyber Security role (has basic understanding of Cyber & Information Security)
• Industry certifications will be a plus e.g. CISM, CEH, CISSP, SANS GIAC, GPEN, OCSP, CREST certifications

Good to have skills:

• Experience in Evaluation and validation of information security technologies, including but not limited to: Firewalls, Intrusion Prevention Systems, Email Security Gateways, Web Security Gateways, Web Application Firewalls, Vulnerability Management Tools, Security Incident and Event Management Systems, Anti-malware Systems, Remote Access VPNs, and Encryption technologies
• Prior experience in handling end to end penetration testing project co-ordination for a large multinational bank or service organisation

Job Types: Full-time, Permanent

Pay: RM11, RM15,000.00 per month

Benefits:

• Health insurance
• Maternity leave
• Professional development

Application Question(s):

• Are you a permanent resident of Malaysia?
• How many years of experience you have in Penetration Testing?

Role Responsibilities

This Penetration Testing coordinator is an Individual Contributor role within the CSS VMIS Hive where there will be involvement in change-based initiatives that will enhance the Banks capabilities in Application and Infrastructure Vulnerability Management and cyber security risk reduction.

Penetration Testing Coordination

 Performs any functions, within scope of authority and expertise, to provide the highest

level of service and responsiveness to the members served by the standard chartered

Performs, coordinates and manages assigned penetration testing co-ordination

responsibilities and projects to include the creation and/or maintenance of project

activities, plans, project task implementation action items.

upports the Head of the Department in coordinating and preparing requested items for

audits, examinations, scheduling independent third-party tests such as vulnerability

scans, network penetration tests, as well as various risk assessments. Assists with

remediation plans and coordinates follow-up activities.

oordinates the incoming project pipeline from business units, organizing and

scheduling various meetings, creating well thought-out agenda's and actionable post-

meeting minutes. Communicates to the Head of the department any project concerns or

issues, potential project overruns for final resolution with others across the OU. In doing

may complete an initial assessment of each project to gauge resource requirements,

scope and complexity. Updates project status and related Heatmaps on a regular

cadence.

orks across different verticals and stakeholders in the bank to coordinate vendor

managed Testing including setting an annual schedule of activities the extended team

completes in including, but not limited to, updating risk assessment information, review of

SOW documents, updating risk assessment information and other related forms.

Updates all metadata (vendor names, addresses contract start, end renewals, etc.)

which is used to manage the overall program across the CU. Adds new vendors and

removing retired ones. Assists team and reports on progress throughout the year.

ork with key stakeholders to gather, analyse requirements, and produce

documentation to enable Pen Test scheduling to be agreed between application teams

and external vendors.

uild effective relationships and support Project team in defining remediation

activities/solutions to address identified issues

Governance:

rovide support to the Programme/Project Manager in assuring the delivery of the AIVM

programme is in line with the Group's Standards, the System Development Framework

and other applicable standards applicable to investment delivered change

egular status updates including tracking against requirements

upport Project Manager on relevant governance related working group with updates on

progress, issues and solutions and track to closure

Good to have skills:

xperience in Evaluation and validation of information security technologies, including

but not limited to: Firewalls, Intrusion Prevention Systems, Email Security Gateways,

Web Security Gateways, Web Application Firewalls, Vulnerability Management Tools,

Security Incident and Event Management Systems, Anti-malware Systems, Remote

Access VPNs, and Encryption technologies

rior experience in handling end to end penetration testing project co-ordination for a

large multinational bank or service organisation

Job Types: Full-time, Contract

Contract length: 12 months

Pay: RM6, RM7,000.00 per month

Application Question(s):

• 3months contract with visibility of extension till 12 months

Experience:

• Penetration testing: 3 years (Required)
• Cyber Security Project Co-ordination: 3 years (Required)

Language:

• English (Required)

Work Location: In person

Overview

NIQ is the world’s leading consumer intelligence company, delivering the most complete understanding of consumer buying behavior and revealing new pathways to growth. In 2023, NIQ combined with GfK, bringing together the two industry leaders with unparalleled global reach. With a holistic retail read and the most comprehensive consumer insights—delivered with advanced analytics through state-of-the-art platforms—NIQ delivers the Full View. NIQ is an Advent International portfolio company with operations in 100+ markets, covering more than 90% of the world’s population.

NielsenIQ is maturing its Application Security programs and is recruiting an Application Security Engineer who will be responsible for supporting the rollout of DevSecOps capabilities and practises across all geographies and business units.

As the Application Security Engineer, you will be responsible for integration, maintenance and analyses of the tools and technologies used in securing NIQ products/application throughout their development. You will oversee application security capabilities within a multi-national matrixed environment. The application security engineer will have the opportunity to replace the current Static and Dynamic Application Security Tool and advocate for the tech stack used for monitoring. This position will involve working closely with development/engineering teams, business units, technical and non-technical stakeholders, educating them and driving the adoption and maturity of the NIQ’s Product & Application Security programs.

• Collaborate within Product Security Engineering and Cybersecurity teams to support delivery of its strategic initiatives.
• Work with engineering teams (Developers, SREs & QAs) to ensure that products are secure on delivery and implement provided security capabilities.
• Actively contribute to building and maintaining Product Security team security tools and services, including integrations security tools in the CI/CD process
• Report on security key performance indicators (KPIs) to drive improvements across engineering teams’ security posture.
• Contribute to Product Security Engineering team security education program and become an advocate within the organization’s DevSecOps and application security community of practice.
• Review IaaS / PaaS architecture roadmaps for the cloud to and recommend baseline security controls and hardening requirements, supporting threat modelling of NIQ’s products.

• 5+ years of experience working in a technical/hands-on application security, development, or DevOps professional environment.
• Working Knowledge of web stack, web security and common vulnerabilities (e.g. SQLi, XSS, & beyond.)
• Experience deploying containers using CI/CD pipeline tools like GitHub Actions, Gitlab Pipelines, Jenkins, and Terraform or Helm
• Self-starter, technology and security hobbyist, enthusiast
• Lifelong learner with endless curiosity

• Have experience building serverless functions in Cloud environments.
• Have knowledge of Cloud Workload Protection.
• Experience using SAST and DAST tools.
• Demonstrated engagement in security conferences, training, learning, associations is highly desired and fully supported.
• Ability to think like a hacker.

• Flexible working environment
• Volunteer time off
• LinkedIn Learning
• Employee-Assistance-Program (EAP)

NIQ is the world’s leading consumer intelligence company, delivering the most complete understanding of consumer buying behavior and revealing new pathways to growth. In 2023, NIQ combined with GfK, bringing together the two industry leaders with unparalleled global reach. With a holistic retail read and the most comprehensive consumer insights—delivered with advanced analytics through state-of-the-art platforms—NIQ delivers the Full View. NIQ is an Advent International portfolio company with operations in 100+ markets, covering more than 90% of the world’s population.

For more information, visit NIQ.com

Want to keep up with our latest updates?

Follow us on: LinkedIn | Instagram | Twitter | Facebook

At NIQ, we are steadfast in our commitment to fostering an inclusive workplace that mirrors the rich diversity of the communities and markets we serve. We believe that embracing a wide range of perspectives drives innovation and excellence. All employment decisions at NIQ are made without regard to race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, disability, genetic information, marital status, veteran status, or any other characteristic protected by applicable laws. We invite individuals who share our dedication to inclusivity and equity to join us in making a meaningful impact. To learn more about our ongoing efforts in diversity and inclusion, please visit the diversity page at NIQ.

About the Job:

Nationality: Any from South East Asia

Employment Type: Full-time

Experience: Minimum 1 year in Black Hat SEO & Cybersecurity

Job Description:

• We are seeking a Black Hat SEO Specialist with cybersecurity and penetration testing experience to manipulate search engine rankings, exploit algorithm weaknesses, and counteract negative SEO threats. This role requires expertise in offensive SEO tactics, security vulnerabilities, and hacking search engine algorithms.
• As part of our SEO and security team, you will execute aggressive ranking strategies, analyze SEO loopholes, and develop attack & defense mechanisms to maintain dominance in search results.

Key Responsibilities:

• Exploit search engine algorithms to gain ranking advantages.
• Automated backlink building (PBNs, spam networks).
• CTR (Click-Through Rate) manipulation.
• Reverse-engineering search engine penalties & filters.
• Conduct penetration testing on web assets to identify SEO vulnerabilities.
• Perform negative SEO strategies to counter competitor rankings.
• Reverse-engineer anti-spam algorithms to bypass ranking restrictions.
• Use security testing tools (Nmap, SQLMap, Burp Suite, Metasploit, Nessus, AWVS) for SEO-driven exploits.
• Automate SEO attacks & defenses using Python, Shell scripting, CMD, and PowerShell.
• Detect and counter spam link attacks, site cloning, and SERP poisoning.
• Collaborate with the SEO team to integrate offensive and defensive ranking strategies.

Required Skills & Qualifications:

• 1+ years of experience in Black Hat SEO & Cybersecurity.
• Deep understanding of Google algorithm manipulation & SEO exploits.
• Proficiency in Black Hat SEO tools (GSA SER, Scrapebox, XRumer, SEnuke, etc.).
• Strong knowledge of automated traffic bots & AI-based ranking manipulation.
• Experience with cloaking techniques, geo-targeting tricks, and user-agent spoofing.
• Familiarity with PBN networks, backlink automation, and anchor text.
• Expertise in penetration testing tools & ethical hacking methods to analyze SEO vulnerabilities.
• Strong analytical skills to bypass search engine filters & penalties.

Preferred Qualifications (Bonus Points):

• Certifications in OSCP, CEH, CISSP, GPEN (or equivalent).
• Experience with black hat affiliate marketing & underground SEO strategies.
• Knowledge of AI-powered SEO automation & adversarial machine learning for search engines.
• Understanding of zero-day SEO exploits & algorithm reverse-engineering.

Why Join Us?

• Work with an elite team of Black Hat SEO & cybersecurity specialists.
• Gain access to premium SEO hacking tools & exclusive ranking strategies.
• Competitive salary, bonuses, and fast career growth.
• Push the boundaries of SEO & cybersecurity innovation.
• If you are a Black Hat SEO expert who understands penetration testing and search engine exploits.

Overview

Join to apply for the Control Testing Security Analyst role at Accenture Southeast Asia .

We are looking for professionals to analyze security risks and support audit operations to ensure compliance, collaborate with multiple departments to enhance security measures, and conduct assessments with recommendations to improve security protocols.

• Analyze security risks and develop audit operations to ensure compliance.
• Collaborate with various departments to enhance security measures.
• Conduct assessments and provide recommendations for improving security protocols.

• Advanced proficiency in Security Risk and Audit Operations.
• Intermediate proficiency in Security Compliance Operations.
• It is advantageous to have prior experience in relevant related skills.
• Bachelor's Degree in relevant field of studies.
• Strong fluency in Mandarin.

• Intermediate proficiency in Cybersecurity Risk Management.
• Intermediate proficiency in Security Compliance Design.
• Intermediate proficiency in Security Compliance Management.
• Intermediate proficiency in Security Quality Assurance.

• Seniority level: Entry level
• Employment type: Full-time
• Job function: Project Management, General Business, and Management
• Industries: Business Consulting and Services

Note: This description preserves original job information without introducing new facts or irrelevant boilerplate.

Overview

Join New Era Technology, where People First is at the heart of everything we do. With a global team of over 4,500 professionals, we’re committed to creating a workplace where everyone feels valued, empowered, and inspired to grow. Our mission is to securely connect people, places, and information with end-to-end technology solutions at scale.

At New Era, you’ll join a team-oriented culture that prioritizes your personal and professional development. Work alongside industry-certified experts, access continuous training, and enjoy competitive benefits. Driven by values like Community, Integrity, Agility, and Commitment, we nurture our people to deliver exceptional customer service.

If you want to make an impact in a supportive, growth-oriented environment, New Era is the place for you. Apply today and help us shape the future of work—together.

Control Testing Security Analyst – Malaysia (Client Location) | New Era Technology

Client Location: KL, Malaysia
Company: New Era Technology – Type: 3 years Contract

About the Role:

New Era Technology is looking for experienced Control Testing Security Analyst to be deployed at our prestigious client in Malaysia at their KL office.

• Ability to design test plans and testing approaches based on risk analysis and cover the Process Walkthrough, Test of Design (TOD) standardization, Test of Operation Efficiency (TOE), Remediation measures & Regulatory compliance- SEC.
• To oversee and co-ordinate the successful deployment of Risk Management & Compliance activities and ensure consistency and standardization of R&C activities.
• The role requires an ability to implement change and act as a catalyst to improve internal controls and financial integrity within processes - Experience in Public Accounting/ Internal Audit/ SOX Compliance or related field required - Knowledge of the Sarbanes Oxley Act including SOX 302/404 and internal controls over financial reporting.
• Ensure compliance with internal policies (audit methodology and risk management) and obtaining, analyzing and evaluating accounting documentation, reports, data, flowchart etc.
• To implement SOX framework within the organization and play an active part in identifying process gaps and establishing new processes, automation with emphasis on internal controls
• Ensure the SOX testing plan is coordinated and executed in a timely and effective manner by working closely with the global SOX Program team, Process Owners, external service providers and external auditors.
• To ensure all required controls are implemented, documented and monitored to ensure full audit compliance.
• Exposure and experience in risk management, internal audit, QA, COSO framework, SOX controls, compliance, ISO 9001 & 27001 standards or audit. (certification would be an advantage).
• To ensure an effective communication process is in place with line management and team members.
• Regular interaction with project teams to close dependencies and to manage the support function in a multi-stakeholder environment, ensuring all stakeholders are informed, involved and appropriately supportive of initiatives and projects.
• Degree in Information Technology, Computer Science, or related field.
• Internal Auditing, SOX controls testing
• Proficiency with MS Office suite of products
• Ability to follow guidelines and identify and resolve problems
• Good interpersonal skills
• Fluent in conversational simplified Mandarin
• Nationality: Only Malaysians
• Availability: Candidates who can join max in 30-60 days.

How to Apply:
Send your updated resume to Nithiya.murali @neweratech.com with the subject line:
“Control Testing Security Analyst -Malaysia”

About Us:
New Era Technology ( ) is a global IT services provider with a footprint in 80+ countries, delivering cutting-edge digital transformation, consulting, and staffing services across industries

New Era Technology, Inc., and its subsidiaries (“New Era” “we”, “us”, or “our”) in its operating regions worldwide are committed to respecting your privacy and recognize the need for appropriate protection and management of any Personal Data that you may provide us. In this, we are also committed to providing you with a positive experience on our websites and while using our products, services and solutions (“Solutions”).

View our Privacy Policy here

Interested in building your career at New Era Technology? Get future opportunities sent straight to your email.

Accepted file types: pdf, doc, docx, txt, rtf

Are you in a commutable distance to KL, Malaysia? * Select.

Do you have an experience in Internal Auditing? * Select.

Do you have experience in SOX control testing? *