Security Researcher

Deriv Services Sdn Bhd

Undisclosed

Cyberjaya

Full-Time

Job Description

We are seeking a driven and analytical Security Researcher to perform penetration testing on our web applications, identify potential security issues, and assist our developers in patching security bugs. You will also manage our bug bounty programme which includes analysing and validating external security reports.

Your role
Binary.com’s IT team is responsible for the design, development, and operation of our high-traffic web applications. As our Security Researcher, we expect you to stay informed about the latest security bulletins and findings, and actively monitor our software development pipeline to find and raise potential security issues.

You will also assist our developers in understanding and patching the bugs that you find. You will also encourage security awareness throughout the organisation via regular communication on security best practices and the latest online threats.

You will:
  • Check our systems against the latest attacks, vulnerabilities, and mitigations
  • Identify attack vectors
  • Conduct security reviews of production infrastructure
  • Build security tools and processes for critical infrastructure monitoring, protection, and mitigation
  • Perform regular pentesting of our web applications
  • Monitor our automated security scripts and utilise them to identify threats
  • Manage our bug bounty programme

Job Requirements

You are a naturally curious and perceptive individual who can look at problems from multiple angles.
You can put yourself in the shoes of a potential hacker in order to identify and predict security flaws in our systems.
You always persevere with a task to the end, even if there’s insufficient information to help you along.
You are the type of person who thrives in a dynamic and challenging work environment. You approach even the smallest task with an open mind.
Most importantly, you value the importance of constant, open, and honest communication.
If you know what we can do to improve, we’re always open to your feedback. We always judge your suggestions based on merit, and not personal bias.

We are looking for someone who loves to:
  • Keep up with the latest news and trends in security research
  • Do great work, and inspire people around them to do the same
  • Work with highly talented people in an exciting, multinational environment
  • Get things done in a no-nonsense manner
  • Work without bureaucracy and hierarchy
  • Analyse and optimise processes to handle unexpected situations more efficiently
  • Be extremely hands-on, and also have a say in the company’s big picture strategy
  • Have the latest tools and technologies at their disposal
  • Learn and improve, day in and day out

To excel in this role, you must have:
  • Experience with web application security and testing, security monitoring, and intrusion detection
  • Experience with fuzzing and finding edge cases in validation
  • Understanding of encryption fundamentals and the OWASP Top 10
  • A good understanding of attacks and mitigations such as timing, injection (e.g. form parameter/SQL), side-channel, DoS, buffer overflows and DNS cache poisoning
  • The ability to assess the security impact of bugs and API inconsistencies
  • Familiarity with industry standard tools such as Burp Suite and Metasploit
  • Experience in writing custom code and scripts to investigate security threats
  • A clear understanding of the OSI model, TCP/IP, and other industry-standard network defense concepts
  • Knowledge of the latest industry trends and best practices in information security
  • Extensive experience in bug bounty programmes such as HackerOne, Bugcrowd, and Cobalt
  • OSCP, CEH, Security+, CISSP, or any GIAC certification is an advantage

Company Benefits

Freedom and flexibility

We offer a casual dress code, freedom to work with advanced tech stacks, and a flat organizational structure.

Agility

Our talented graphic designers create compelling user interfaces, and our quants produce best-in-class options pricing.

We Value and Develop Talent

Our recruitment procedures are rigorous, highly selective, and designed to identify the top 10% of talent available in any given career field.

Competitive Employee Benefits

We offer a market-based remuneration structure, an annual cash bonus plan, health benefits for you and your family, and travel and internet allowances.

A World-class Workforce

We value the cultural diversity that provides us with a unique competitive advantage.

Technical Excellence

Applying the latest web technologies to the global financial markets is a most interesting challenge.


Additional Info

Experience Level

0 - 7 Years of Experience

Job Specialisation

Cybersecurity / Network Security, Software Development & QA / Testing, Pre-Sales / IT Business Analyst / Business Intelligence


Company Profile

Deriv Services Sdn Bhd

Deriv Services Sdn Bhd is the operational headquarters in Cyberjaya for Deriv.com, a pioneer in online trading. Focused on customer-centric solutions, we aspire to be the world’s leading online trading service provider.
Our offices in Ipoh and Melaka tap into the talent pools of high-potential university graduates in these cities. These offices offer shared services to Deriv Group companies worldwide, focusing mainly on client support services, payment processing, and accounting.
The scale and complexity of our mission require smart, talented, and dedicated people who are up for a challenge to make online trading on the world’s financial markets accessible to anyone. 

If you love innovating and doing extraordinary work, join us. Together, let’s build the future of online trading.

This job is no longer available