Application Security Specialist

Kuala Lumpur
Technology – Cybersecurity /
Full time /
The Xsolla Team is looking for a passionate Application Security Specialist to work in our KL Office. We need a professional who knows and likes to solve the company's information issues.


    • Seek and investigate vulnerabilities in the company's products
    • Collaborate with product development, information technology, and management
    • Participate in security assessments of service architecture
    • Develop and conduct training events for developers
    • Participate in the management of the Bug Bounty program
    • Assist developers in vulnerability mitigation according to agreed SLAs
    • Maintain, develop and automate SDLC practices
    • Assist in implementing security code review process
    • Participate in the selection and implementation of new information security systems
    • Participate in information security incident investigations


    • At least 3 years of relevant experience
    • Familiar with web application attacks, how to exploit them, and defense techniques
    • Experienced in doing penetration testing in PHP and Javascript
    • Understand the difference between threat and risk, and are familiar with vulnerability assessment
    • Understand the principles of networking and how web applications work
    • Are familiar with BurpSuite/OWASP ZAP etc
    • Familiar with the languages and frameworks for developing modern web applications 
    • Familiar with manual and automated application security analysis tools
    • Familiar with SDLC
    • Verbal communication in English is easy
Convenient work tools:
Latest Mac workplaces + additional hardware to make you more effective at work
Google Chat, Gmail, Google Drive, Confluence, Jira, GitLab
Professional growth:
Free training and participation in specialized conferences
Rich knowledge exchange within the company
More perks:
Health insurance
Flexible hours: organize your day according to your needs and sprint & teamwork demands
No dress code
Comfortable and new office environment
Xsolla is a video game commerce company powered by Transaction Engine and Business Engine that helps developers and publishers market, sell, connect, and optimize their games globally. The engines work seamlessly together to solve the complexities of distribution, marketing, and monetization so partners can increase their audience, sales, and revenue. For more information, please visit
The physical demands for this position are sitting, standing, bending, lifting, and moving intermittently during working hours. These physical requirements may be accomplished with or without reasonable accommodations.
The duties of this position may change from time to time so the individual and organization can achieve their results. This job description is intended to describe the general level of work being performed. It is not intended to be all-inclusive. Xsolla KL Sdn Bhd takes your privacy very seriously, and will not sell or externally distribute any data received during the hiring process. Pursuant to the Personal Data Protection Act 2010 (“PDPA”), Xsolla KL Sdn Bhd is mindful and committed to the protection of your personal information and your privacy. For more information related to PDPA 2010 please reach out to

Longevity Opportunity Vision Enjoy the game.
**Currently this position is open to all local applicants (Malaysian Citizens) or holding PR status in Malaysia.