Senior Information Security Specialist

TL;DR

Senior Information Security Specialist (Cybersecurity): Lead vulnerability assessments and advanced penetration testing across networks, applications, and infrastructure with an accent on incident response, security control hardening, and risk-based remediation guidance. Focus on coordinating complex investigations, validating bug bounty submissions, and embedding security best practices across the system development lifecycle.

Location: Shah Alam (on-site, i-City Shah Alam)

Company

hirify.global is a global gaming-focused company building products and experiences for players worldwide.

What you will do

• Lead vulnerability assessments across networks, applications, and infrastructure, delivering actionable remediation guidance to technical and non-technical stakeholders.
• Plan and conduct advanced penetration testing (network, application, cloud, and infrastructure) and produce prioritized, risk-based reports.
• Review, refine, and optimize security controls (firewall rulesets, network segmentation, endpoint configurations) to continuously harden environments.
• Monitor, analyze, and respond to complex security alerts and incidents, including triage, containment, eradication, and root cause analysis.
• Act as an escalation point for incident investigations and ensure lessons learned are captured and implemented.
• Review and prioritize bug bounty submissions and collaborate with security researchers and internal engineering teams to remediate findings.

Requirements

• 5+ years of hands-on cybersecurity experience, including ethical hacking, penetration testing, or information security.
• Strong technical depth in offensive and defensive security tools (e.g., Burp Suite, Metasploit, Nessus, Qualys, Splunk/SIEM).
• Strong understanding of network protocols, web application security (OWASP Top 10), vulnerability analysis, and threat detection methodologies.
• Hands-on experience with AWS Cloud security (security controls, IAM, networking) and essential Linux system administration.
• Demonstrated leadership capability for senior/lead responsibilities (team guidance, project ownership, cross-functional influence).
• Willingness to work on-site in i-City Shah Alam.

Nice to have

• Security certifications such as Security+, CEH, OSCP, eJPT, eWPT, GIAC, or similar.

Culture & Benefits

• Global mission with collaboration across teams located across 5 continents.
• Gamer-centric culture and emphasis on accelerated personal and professional growth.
• Cross-functional collaboration with IT, DevOps, Cloud, Risk, and Compliance teams.

Hiring process

• Interviews to assess security expertise, incident/vulnerability experience, and ability to communicate risks to non-technical stakeholders.
• Evaluation of leadership and cross-functional influence in senior security responsibilities.