14 August 2020

Our client in the media industry is seeking a strong Application Security Engineer to assist in the maintenance of their automated source code scanning platform as well as to perform secure code reviews for their web and mobile applications.

Mandatory Skill(s)

  • Bachelor in Computer Science or related field;
  • Has at least 3 years of experience in application security;
  • Experience in conducting secure code review, dynamic application security testing and manual security testing on both web and mobile applications;
  • Ability to prepare threat profile to identify, quantify and address security risks;
  • Good understanding of common web and mobile application vulnerabilities and how to mitigate these vulnerabilities;
  • Familiar with DevOps and CI/CD;
  • Knowledge of security best practices and guidelines within the industry;
  • Excellent communication and presentation skills.

Desirable Skill(s)

  • Knowledge of Static Application security tools such as Fortify, Burp Suite Professional and Checkmarx;
  • Familiar with Cloud Security (e.g. AWS, Azure);
  • Handled Bug Bounty Program;
  • Familiar with Container security implementation.

Responsibilities

  • Oversee the security practices and processes of the entire SDLC and to minimize all potential vulnerabilities;
  • Develop secure application development practices, standards, guidelines and solutions to build up the organisation\’s application security capabilities;
  • Perform application security assessment using threat modelling, vulnerability research, code scanning and application security testing;
  • Work closely with various stakeholders (e.g. developers) to ensure that all vulnerabilities are mitigated;
  • Partner the DevOps team to create tools and automation to improve the security within the CI/CD pipeline;
  • Identify gaps in security and improve security protocols and procedures in the SDLC;
  • Provide training and support to the development team on security standards, policies and processes.
Apply to this Job