
Cybersecurity Analyst
SANTUBONG SOFTWARE SDN BHD · Information & Communication Technology
Job Description
SANTUBONG SOFTWARE SDN BHD is bringing security in-house as its client base grows, building out a dedicated function to protect production systems used by logistics and retail customers nationwide, rather than continuing to rely on ad hoc external reviews. This is a genuine build-it-from-scratch opportunity within an established product company, ideal for a security professional who wants to shape practices, tooling, and culture rather than inherit someone else's playbook and simply keep it running.
As Cybersecurity Analyst you'll run vulnerability scans, coordinate penetration test remediation, and build out our incident response playbook essentially from the ground up. It is a genuine chance to define how security is done here, working across engineering and infrastructure to raise the bar in a practical, risk-driven way. We want someone who can balance technical depth with clear communication, and who cares about actually reducing risk rather than just producing reports that gather dust on a shelf.
Key responsibilities
- Run regular vulnerability scans across our product and cloud infrastructure
- Coordinate with external pentest vendors and track remediation through to closure
- Draft, maintain, and rehearse our incident response playbook
- Review new features for common security misconfigurations before release
- Run periodic access audits across cloud and internal systems
- Train engineering staff on secure coding and secure design practices
- Track security KPIs and report meaningful trends to engineering leadership
- Prioritise remediation work by real business risk, not just raw severity score
What we offer
- Certification exam fees covered
- Medical and dental coverage
- Build-from-scratch autonomy
- Annual bonus
Requirements
Requirements
- At least 3 years in a security-focused role such as SOC analyst or appsec
- Familiar with the OWASP Top 10 and common cloud misconfigurations
- A relevant certification such as Security+ or CEH is an advantage
- Comfortable presenting findings clearly to non-technical stakeholders
- Able to prioritise remediation by actual business risk rather than severity alone
About SANTUBONG SOFTWARE SDN BHD
A product engineering house building SaaS tools for logistics and retail clients across Malaysia, spun out of a university research project in 2018.
11–50 employees · Kuching