Talent.com
This job offer is not available in your country.
Information Security, Senior Executive (1 year contract)

Information Security, Senior Executive (1 year contract)

WhiteCoatMalaysia, Malaysia
2 days ago
Job description

About WhiteCoat

WhiteCoat is a Singapore-headquartered omnichannel provider of integrated health and wellness services that serves as the first and single touchpoint for all care needs in Southeast Asia.

Since launching in 2018, WhiteCoat’s digital platform powers a wide range of services including tele- and in-person consultations, as well as medication fulfilment and diagnostic testing, across primary, specialist and allied care. With a focus on the B2B space, WhiteCoat has forged strategic partnerships with the region’s leading insurers, corporates and care providers, to provide accessible and affordable high-quality care to its users.

The Group currently has offices in Singapore, Indonesia, Malaysia and Vietnam. For more information on WhiteCoat, please visit

What you will be doing

The Information Security Senior Executive is responsible for embedding security into the entire software development lifecycle (SDLC). This role owns the application and product security roadmap, from initial design to deployment and operation.

You will safeguard our information systems by proactively identifying, assessing, and mitigating security risks in our software. This position acts as a critical bridge between development, operations, and security teams, ensuring our products are built on a foundation of security and trust.

Your accountability spans secure development practices, automated security testing (SAST / DAST), penetration testing, and vulnerability management, with a clear mandate to drive down risk without impeding engineering velocity.

Key Responsibilities :

1. Security Governance & Operations

  • Develop, implement, and enforce security policies, standards, and guidelines aligned with industry best practices (e.g., ISO 27001, NIST, OWASP).
  • Own and manage the regulator reporting workflow for security incidents and data breaches (e.g., PDPC, MAS, MOH), ensuring timely and accurate submissions.
  • Prepare and present a quarterly board-level metrics pack detailing our security posture, vulnerability status, testing outcomes, and risk landscape.
  • Monitor, assess, and respond to security threats and incidents in close coordination with the Security Operations Center (SOC) and IT teams.

2. Secure Development & Testing (DevSecOps)

  • Integrate and automate security tooling into the CI / CD pipeline at key gates :

    • Static Application Security Testing (SAST) on every pull request.

  • Software Composition Analysis (SCA) for dependency scanning on every merge.
  • Dynamic Application Security Testing (DAST) in pre-production environments.
  • Lead threat-modeling workshops with engineering teams to proactively identify architectural flaws and teach them to "think like an attacker".
  • Work directly with development teams to remediate identified vulnerabilities, providing clear guidance and promoting secure coding practices.

    • 3. Penetration Testing & Vulnerability Management

  • Plan and manage a continuous program of internal and external penetration testing for applications, APIs, networks, and cloud infrastructure.
  • Oversee the budget for third-party security assessments to ensure specialized testing can be procured without delay.
  • Enforce risk-stratified Service Level Agreements (SLAs) for remediation (e.g., Critical : 7 days, High : 14 days), tracked transparently in Jira.
  • Validate remediation efforts post-testing and ensure all identified risks are formally closed or accepted.

    • 4. Incident Response & Threat Management

  • Lead application-focused incident response activities, including investigation, containment, eradication, and recovery.
  • Conduct blameless post-mortems and root cause analysis for security incidents, ensuring preventative measures are implemented.
  • Run regular table-top exercises and purple-team drills to test and improve our response capabilities.
  • Track emerging threats, vulnerabilities, and exploits relevant to the organization’s technology stack and software supply chain.

    • 5. Awareness & Training

  • Establish and lead a Security Champions Guild, embedding a security-focused engineer in each squad to act as a first-line AppSec advocate.
  • Provide technical guidance and hands-on training to development, QA, and operations teams on security best practices and tooling.
  • Promote a security-first culture across the organization, making security a shared responsibility.

    • Our Benefits

  • Make a Real Impact : Opportunity to contribute to a leading digital health company's rapid growth.
  • Fast-paced Start-up Environment : Experience an environment where you get to own and make tangible impact without bureaucracy getting in the way of rapid decision-making.
  • Great Team : Collaborate with intelligent, friendly, and supportive professionals from diverse backgrounds.
  • Hands-on Learning & Growth : Gain hands-on experience in strategy, partnerships, operations, and product innovation within a growing industry.
  • Competitive Compensation & Benefits : Competitive compensation and performance-based bonus.

    • How to apply

    If you believe you have what it takes for this role, click ‘Apply’ and join us on our journey to make a positive impact on the lives of people through innovative healthcare solutions!

    What we are looking for

    Education & Certification :

  • Bachelor’s degree in Computer Science, Information Security, or a related field.
  • Relevant certifications strongly preferred (e.g., OSCP, GWAPT, GPEN, CSSLP, CISSP).

    • Technical Skills :

  • Deep expertise in application security concepts and frameworks (OWASP Top 10, SANS CWE 25).
  • Hands-on experience with SAST (e.g., SonarQube, Checkmarx), DAST (e.g., OWASP ZAP, Burp Suite), and SCA / SBOM tools (e.g., Syft, Grype, Snyk).
  • Practical experience conducting, managing, and interpreting penetration test results.
  • Proven ability to integrate security tools into CI / CD pipelines (e.g., Jenkins, GitLab CI, GitHub Actions).
  • Strong understanding of secure coding practices in languages like Java, Python, and JavaScript.
  • Proficiency in cloud security, with a priority on AWS (CIS Benchmarks, IAM), and familiarity with Azure / GCP.
  • Experience with Infrastructure as Code (IaC) security scanning (e.g., Terraform, CloudFormation).

    • Soft Skills :

  • Exceptional communication skills, with a proven ability to translate technical CVEs into business and product impact for executive stakeholders.
  • Strong analytical and problem-solving skills, with a proactive, detail-oriented mindset.
  • Demonstrated ability to influence roadmap trade-offs and collaborate effectively with Product, Legal, and Audit teams.

    • #J-18808-Ljbffr

    Create a job alert for this search

    Executive Executive • Malaysia, Malaysia

    Related jobs
    • Promoted
    Executive - Compliance

    Executive - Compliance

    MAA Group BerhadMalaysia, Malaysia
    Monitoring of regulatory requirements pertaining to Anti-Corruption, Anti-Money Laundering, Personal Data Protection Act, Corporate Governance and other requirements imposed by the authorities.Assi...Show moreLast updated: 1 day ago
    Senior Executive, Support Specialist

    Senior Executive, Support Specialist

    WhiteCoatMalaysia, 14, MY
    WhiteCoat is a Singapore-headquartered omnichannel provider of integrated health and wellness services that serves as the first and single touchpoint for all care needs in Southeast Asia.Since laun...Show moreLast updated: 30+ days ago
    Marketing Executive (Setia City Mall)

    Marketing Executive (Setia City Mall)

    LendleaseMY
    Lendlease is a globally integrated real estate group with core expertise in Investment Management, Development, and Construction. For more than 60 years, we have created thriving places.We are dedic...Show moreLast updated: 6 days ago
    • Promoted
    DRSC A&A : SEA Monitoring & Remediation, Manager / Senior Manager

    DRSC A&A : SEA Monitoring & Remediation, Manager / Senior Manager

    Deloitte MalaysiaMalaysia, Malaysia
    DRSC A&A : SEA Monitoring & Remediation (based in Kuala Lumpur) – Manager / Senior Manager.At Deloitte, our purpose is to make an impact that matters for our clients, our people, and the communities...Show moreLast updated: 1 day ago
    • Promoted
    E commerce &Partnership Executive (AmazonUSfocused)

    E commerce &Partnership Executive (AmazonUSfocused)

    Perfect 7 Singapore & MalaysiaMalaysia, Malaysia
    E commerce &Partnership Executive (AmazonUSfocused).Employment Type : Full‑Time, Work‑From‑Home (based in Malaysia).Occasional travel within Malaysia or to Singapore and Korea for meetings and event...Show moreLast updated: 2 days ago
    • Promoted
    Senior Associate - Risk Performance, Governance and Controls (RPGC)

    Senior Associate - Risk Performance, Governance and Controls (RPGC)

    PwC MalaysiaMalaysia, Malaysia
    Whether you’ve just graduated or have years of experience, this is a firm where you can learn and grow.It’s the PwC experience that stays with you as you build strong networks and make lasting frie...Show moreLast updated: 3 days ago
    • Promoted
    Manager, IT Security Operation

    Manager, IT Security Operation

    FGV HoldingsMalaysia, Malaysia
    Manager , IT Security Operation page is loaded## Manager , IT Security Operationlocations : Wisma FGVtime type : Full timeposted on : Posted 2 Days Agojob requisition id : JR2268 • •FGV Holdings ...Show moreLast updated: 7 days ago
    • Promoted
    Senior Executive - Credit Administration

    Senior Executive - Credit Administration

    Gamuda GroupMalaysia, Malaysia
    Job Title : Senior Executive - Credit Administration.Posting Start Date : 03 / 09 / 2025.Responsible for the operations of the credit administration functions. Review and identify areas for improvement fo...Show moreLast updated: 3 days ago
    • Promoted
    Account Executive, Defence & Intelligence

    Account Executive, Defence & Intelligence

    PlanetMalaysia, Malaysia
    Planet designs, builds, and operates the largest constellation of imaging satellites in history.This constellation delivers an unprecedented dataset of empirical information via a revolutionary clo...Show moreLast updated: 30+ days ago
    • Promoted
    Project Executive

    Project Executive

    KK SupermartMalaysia, Malaysia
    The Survey & Events Assistant is responsible for conducting on-site surveys and assessments to identify optimal locations for signage installation and roadside bunting for new outlet launches.This ...Show moreLast updated: 5 days ago
    • Promoted
    Senior Administrative Executive

    Senior Administrative Executive

    Monash University MalaysiaMalaysia, Malaysia
    Senior Administrative Executive.Amplify your impact at a world top 50 University.Be surrounded by extraordinary ideas - and the people who discover them. We value difference and diversity , and welc...Show moreLast updated: 1 day ago
    • Promoted
    Senior Operations Executive for Teacher Team (Remote MY)

    Senior Operations Executive for Teacher Team (Remote MY)

    Write EdgeMalaysia, Malaysia
    Branches in Singapore, Online arm in Singapore, Malaysia and Indonesia.The Training and Development team is in charge of developing a strong team of teachers and working with the key leadership tea...Show moreLast updated: 2 days ago
    Lead Consultant (FortiGuard Incident Response) - APAC

    Lead Consultant (FortiGuard Incident Response) - APAC

    FortinetMY
    Join Fortinet, a cybersecurity pioneer with over two decades of excellence, as we continue to shape the future of cybersecurity and redefine the intersection of networking and security.At Fortinet,...Show moreLast updated: 30+ days ago
    • Promoted
    [ML 00102] Cloud & Security Specialist

    [ML 00102] Cloud & Security Specialist

    ADI Group - ASIAMalaysia, Malaysia
    Cloud Security Specialist Position : Safeguard Data with Advanced Solutions.Nationality : Malaysian Language Proficiency : English. Assist on daily basis AWS Cloud Infrastructure operations & JIIRA Adm...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Executive Assistant

    Senior Executive Assistant

    Expo CentricMalaysia, Malaysia
    Founded in 2009 by Stan Kruss, Expo Centric has evolved from a humble startup into a globally recognised experiential marketing agency. With over 16 years of industry leadership, we’ve become Austra...Show moreLast updated: 2 days ago
    • Promoted
    Senior Executives (Audit)

    Senior Executives (Audit)

    Folks DFK & Co / Azman, Wong, Salleh & CoMalaysia, Malaysia
    To perform audit of public listed and private limited companies in accordance with the approved standards of auditing and internal audit programmes. To perform assessment of the sufficiency and adeq...Show moreLast updated: 2 days ago
    • Promoted
    Public Relations Senior Account Executive / Manager

    Public Relations Senior Account Executive / Manager

    Saltine CommunicationsMalaysia, Malaysia
    Public Relations Senior Account Executive / Manager.Saltine Communications is hiring for the Public Relations Senior Account Executive / Manager role. The base pay range is MYR36,000.This range is p...Show moreLast updated: 2 days ago
    • Promoted
    Account, Senior Executive

    Account, Senior Executive

    Ecovis Malaysia PLTMalaysia, Malaysia
    Able to handle full set of accounts including preparation cash flow, general ledger transactions, reconciliation and other related matter of accounting. Handle payment process for account payable an...Show moreLast updated: 7 days ago