Share this Job
Apply now »

Global Technology Junior / Senior Analyst - Penetration Tester Cybersecurity

Date:  15-Sep-2022
Service Line / Portfolios: 

Kuala Lumpur, MY

Title: Global Technology Junior / Senior Analyst - Penetration Tester Cybersecurity

What impact will you make?

At Deloitte, we offer a unique and exceptional career experience to inspire and empower talents like you to make an impact that matters for our clients, people and community. Whatever your aspirations, Deloitte offers you a highly inclusive, collaborative workplace and unrivalled opportunities to realize your full potential. We are always looking for people with the relentless energy to push themselves further, and to find new avenues and unique ways to reach our shared goals.

So what are you waiting for? Join the winning team now.

Work you’ll do

As the Securities Tester for Code Assessments you will evolve and enhance the approach for managing customer requests and queries for technical testing along with supporting the development and maintenance of testing methodologies.


Key Responsibilities:

  • Curate and assess vulnerability data (across multiple platforms/tools) from a code assessment perspective, to ensure false positive review and analysis to provide target results to customers
  • Provide technical guidance in supporting member firms in conducting necessary remedial actions and responding to client vulnerability questions or disclosures
  • Collaborate to develop tooling deployment and relevant scanning configurations to enhance practical testing processes
  • Escalate key risks and issues to Regional Operations Manager which need special attention or hold urgency
  • Operate in the wider organization to drive risk reduction goals and in the continuous improvement vulnerability related services
  • Act as a SME for member firms in receiving client queries regarding vulnerability disclosures
  • Develop a deep understanding of DGSL and Member Firm IT operations and remediation capabilities
  • Performance tuning, upgrades of Fortify tools and databases, hardening servers, managing cloud costs.

Your role as a leader

At Deloitte, we believe in the importance of empowering our people to be leaders at all levels. We expect our people to embrace and live our purpose and shared values, challenging themselves everyday to identify issues that are most important to our clients, our people and the communities, and to make an impact that matters. In addition to living our purpose, Associates / Analysts / Consultants across our Firm are expected to:


  • Understand the expectations set and demonstrates personal accountability for keeping own performance on track.
  • Understand how our daily work contributes to the priorities of the team and the business.
  • Demonstrate strong commitment to personal learning and development.
  • Actively focus on developing effective communication and relationship-building skills, with stakeholders, clients and team.
  • Work effectively in diverse teams within a highly inclusive team culture where everyone is supported, respected and recognized for their contribution.



  • Bachelor’s degree in Computer Science, Cyber Security, International Cyber Security, or equivalent education experience.
  • At least 3 years of working experience combines in Cyber Security, Vulnerability Management of Application Testing would also be considered.
  • Experience in application testing proven track record and experience of the following in a highly complex and global organization:
    • Application Security testing services experience working with both testing tools and manual exploitation techniques. Experience with validation of scan results from the following testing tools: Fortify, Contrast Security, Checkmarx and software composition analysis tools.
    • Thorough knowledge of explaining to development teams of how to use secure coding techniques for the following program languages: .NET, C# and Java
    • Risk Management - ability to convey technical risks to business managers and executives
    • Application/Infrastructure/Architecture experience - experience with managing and configuring on-premises scanning tools infrastructure hosted in a cloud environment.


  • Experience working with variety of cultures across the globe and have the patience, understanding and empathy to work collaboratively and effectively
  • Ability to develop reports, metrics, dashboards and capability to articulate the data presented within the reports to senior management and technical staff.
  • Thorough knowledge and ability to accurately describe the OWASP Top 10 most common application security vulnerabilities found on most websites.
  • Certification: Professional security management certification required (at least 1 active certification from any of the following)
    • Certified Information Systems Security Professional (CISSP),
    • Certified Information Security

Due to volume of applications, we regret only shortlisted candidates will be notified. Candidates will only be contacted by authorized Deloitte Recruiters via firm’s business contact number or business email address.


Requisition ID:  89262

In Malaysia, the services are provided by Deloitte and other related entities in Malaysia ("Deloitte in Malaysia"), which are affiliates of Deloitte Southeast Asia Ltd. Deloitte Southeast Asia Ltd is a member firm of Deloitte Touche Tohmatsu Limited. Deloitte in Malaysia, which is within the Deloitte Network, is the entity that is providing this Website.

Apply now »