Security engineer (cloud, app, saas security) | 20k myr

About the Company

Our client is a fast-growing technology organisation with a strong focus on building secure, scalable, and cloud-native digital products. As part of its continued investment in cybersecurity, the company is strengthening its application and product security capabilities.

About the Role

As a Security Engineer, you will play a key role in enhancing product and application security by embedding best-practice cybersecurity controls across the development lifecycle. You will work closely with engineering and cloud teams to drive “shift-left” security initiatives, ensuring risks are identified and mitigated early in the development process.

• Strengthen security across products and applications by applying industry best practices and continuously improving security design
• Drive “shift-left” initiatives by integrating automated security controls into the software development lifecycle and infrastructure
• Collaborate with engineering and cloud teams to promote secure coding practices and embed security into development workflows
• Support the integration of AI-driven approaches into development pipelines for threat modelling and security automation
• Conduct secure design reviews to identify risks, attack surfaces, and mitigation strategies aligned with industry standards (e.g., OWASP, SANS)
• Contribute to the development and maintenance of tools for secure code reviews and vulnerability remediation
• Support vulnerability management efforts, including prioritisation and coordination with engineering teams for remediation
• Assist in security audits and compliance initiatives (e.g., ISO 27001, SOC 2), including control implementation and evidence gathering
• Support incident analysis and collaborate with SOC teams during investigations and response activities
• Manage and respond to operational security requests in line with defined SLAs

• Experience in Application Security, Secure Software Development, or related domains, ideally within a cloud-native or SaaS environment
• Strong understanding of OWASP Top 10, secure coding practices, vulnerability management, and common web/mobile security risks
• Familiarity with modern web technologies, cloud environments, and Infrastructure-as-Code (IaC)
• Proficiency in at least one programming or scripting language (e.g., Python, Terraform)
• Experience securing web and/or mobile applications (iOS/Android) using static and dynamic analysis techniques
• Hands-on experience with modern application stacks, cloud-native environments, and security tooling
• Understanding of threat modelling, secure code review practices, and attacker methodologies
• Strong collaboration skills with the ability to work cross-functionally with engineering and product teams
• Proactive, detail-oriented, and eager to learn with a strong security-first mindset
• skills

• qualifications

• education

Bachelor Degree

share this job.