Application Security Engineer

JOB DESCRIPTION

Job purpose:

We are seeking an experienced Application Security Engineer to join our team. This role will collaborate with other IT professionals as part of our security engineering team to anticipate and correct vulnerabilities in both client-facing and internal applications. The ideal candidate will not just be an expert in application security but have the expertise and capability to provide technical leadership and guidance on security best practices to the entire development team.

Key responsibilities:

Perform proof of concept testing for new security products

Evaluate new technologies and tools that will impact organization security.

Analyze proprietary and third-party software to identify and address security concerns.

Assess the organization’s security architecture and scan code to identify vulnerabilities.

Guide development teams on defensive coding and remediation techniques

Provide security training and guidance for developer teams

Review existing applications and software to identify security improvements

Install, configure, and use new security tools implemented by the organization

Develop and refine app and product security best practices

Maintain documentation of application security controls

Conduct penetration testing and provide retesting support

Serve as a subject matter expert on common attack vectors and application security for developer teams and organization leadership

JOB REQUIREMENT

4+ years of experience in an IT role, preferably in a security team

Experience assessing vulnerabilities in business software and systems.

Experience establishing software development policies.

Experience with application design, risk assessment, and penetration testing

Experience performing blackbox, greybox, and whitebox security assessments of applications using HTTP and/or proprietary protocols

Container DevSecOps experience

Proficient in at least one programming language such as Java, .NET, or Python

Deep knowledge of common security vulnerabilities

Knowledge of application architectural patterns (MVC, Microservices, etc.)

Knowledge of secure development lifecycle principles

Strong problem-solving and analytical skills

Education and Experience required: Bachelor’s degree in engineering, computer science, information security, or a related field

Prefer Qualifications

Experience with iOS or Android security

Certification in information security (CISSP, CISM, CEH, etc.)

WHAT'S ON OFFER

Competitive salary

13th salary and performance bonus

15 days Annual Leave and 5 days Sick Leave

Healthcare Insurance for employee

Laptop Provided

Career path, training courses

Other benefits of Company will be share details in the offer stage

CONTACT

PEGASI – IT Recruitment Consultancy | Email: recruit@pegasi.com.vn | Tel: +84 28 3622 8666

We are PEGASI – IT Recruitment Consultancy in Vietnam. If you are looking for new opportunity for your career path, kindly visit our website www.pegasi.com.vn for your reference. Thank you!

Job Summary

Company Type:

Product

Technical Skills:

Security

Location:

Ho Chi Minh - Viet Nam

Working Policy:

Salary:

Negotiation

Job ID:

J01301

Status:

Related Job:

OSS Software Engineer

Ho Chi Minh - Viet Nam

Product

C/C++

Collaborate with a small team of engineers to: Develop software primarily using C language Perform thorough software testing Deliver projects in phased releases Offer customer support for live operations Coordinate software development and support activities with the manager and the core development team based in California, USA

Negotiation

View details

Backend Engineer (Python/Kotlin)

Ho Chi Minh, Ha Noi - Viet Nam

Outsource

Python
Kotlin
AWS

Create and develop financial products on top of a core banking platform called Thought Machine Vault Create and develop event-driven microservices to enhance the functionality of the core banking platform Maintain and enhance service reliability through effective simulation, end-to-end, and performance tests Enhance SRE processes and offer production support for services Write high-quality, sustainable code using TDD Utilize Kubernetes and Docker for scheduling and running microservices Technology stack comprises mainly of Python and Kotlin/Java, with the flexibility to use the most suitable language for problem-solving Utilize PostgreSQL, Aurora, and S3 for persistence Harness the elastic AWS infrastructure Practice continuous integration and delivery Follow the approach of "you build it, you run it."

Negotiation

View details

Senior Full-stack Java Software Engineer

Ho Chi Minh - Viet Nam

Outsource

Java
Angular
Cloud

Create and uphold full-stack web applications using Java as the primary language, Spring Boot for the backend, and Angular (TypeScript) for the frontend. Develop and execute RESTful APIs with a focus on scalability, security, and performance. Engage in system design, technical discussions, and code review. Utilize AWS cloud services for the deployment and management of applications in production. Implement unit tests and integration tests to guarantee code quality. Contribute to Agile/Scrum teams alongside Product Owner, QA, and DevOps. Provide guidance and assistance to less experienced developers.

Negotiation

View details