Vacancies available in Nettium Sdn Bhd

Web Security Specialist

Min 3 years


We are seeking a Web Security Specialist who understands business and information security strategy to support a road map of initiatives with proven experience in the information security field. Highlight your key achievements.

Responsibilities include:

  • Operate, improve and maintain a Corporate Web Security program based on industry frameworks, standards, and best practices.

  • Execute the web vulnerability scanning program and conduct regular scans of Company web computing platforms to detect the presence of vulnerabilities, malware, unauthorized software and web security threats and risks.

  • Identify, propose and execute continuous improvement initiatives on existing security services.

  • Conduct and assist in remediation of security issues discovered through audit, penetration testing and other security-related assessments.

  • Develop and integrate secure development policies, requirements, controls, configurations, architecture, standards, and best practices into development life cycles, end products, services, and systems.


Requirements:

  • Candidate must possess at least a Bachelor's Degree, Post Graduate Diploma or Professional Degree in Computer Science/Information Technology or equivalent.

  • Education/skills acquired from information security technology experience, and experience with Information Technology with emphasis in information security.

  • At least 3 years of directly-related work experience and understanding of web information security architecture and principles.

  • In-depth knowledge of application security vulnerabilities, testing techniques, and the OWASP framework.

  • Knowledge of web application development and testing, including .NET and/or J2EE.

  • Understanding of web security standards, architecture, web security best practices and application security best practices.

  • A team player who can work independently with minimum supervision.

  • Attainment of information security certifications such as ISO 27001 Lead Auditor, Certified Information Security Systems Professional (CISSP), or Certified Ethical Hacker (CEH) is a plus.