Application Security Engineer

JOB DESCRIPTION

Job purpose:
We are seeking an experienced Application Security Engineer to join our team. This role will collaborate with other IT professionals as part of our security engineering team to anticipate and correct vulnerabilities in both client-facing and internal applications. The ideal candidate will not just be an expert in application security but have the expertise and capability to provide technical leadership and guidance on security best practices to the entire development team.
Key responsibilities:
Perform proof of concept testing for new security products
Evaluate new technologies and tools that will impact organization security.
Analyze proprietary and third-party software to identify and address security concerns.
Assess the organization’s security architecture and scan code to identify vulnerabilities.
Guide development teams on defensive coding and remediation techniques
Provide security training and guidance for developer teams
Review existing applications and software to identify security improvements
Install, configure, and use new security tools implemented by the organization
Develop and refine app and product security best practices
Maintain documentation of application security controls
Conduct penetration testing and provide retesting support
Serve as a subject matter expert on common attack vectors and application security for developer teams and organization leadership

JOB REQUIREMENT

4+ years of experience in an IT role, preferably in a security team
Experience assessing vulnerabilities in business software and systems.
Experience establishing software development policies.
Experience with application design, risk assessment, and penetration testing
Experience performing blackbox, greybox, and whitebox security assessments of applications using HTTP and/or proprietary protocols
Container DevSecOps experience
Proficient in at least one programming language such as Java, .NET, or Python
Deep knowledge of common security vulnerabilities
Knowledge of application architectural patterns (MVC, Microservices, etc.)
Knowledge of secure development lifecycle principles
Strong problem-solving and analytical skills
Education and Experience required: Bachelor’s degree in engineering, computer science, information security, or a related field
Prefer Qualifications
Experience with iOS or Android security
Certification in information security (CISSP, CISM, CEH, etc.)

WHAT'S ON OFFER

Competitive salary
13th salary and performance bonus
15 days Annual Leave and 5 days Sick Leave
Healthcare Insurance for employee
Laptop Provided
Career path, training courses
Other benefits of Company will be share details in the offer stage

CONTACT

PEGASI – IT Recruitment Consultancy | Email: recruit@pegasi.com.vn | Tel: +84 28 3622 8666
We are PEGASI – IT Recruitment Consultancy in Vietnam. If you are looking for new opportunity for your career path, kindly visit our website www.pegasi.com.vn for your reference. Thank you!

Job Summary

Company Type:

Product

Technical Skills:

Security

Location:

Ho Chi Minh - Viet Nam

Working Policy:

Salary:

Negotiation

Job ID:

J01301

Status:

Close

Related Job:

Partner Implementation Engineer (Security & Digital Trust)

Ha Noi - Viet Nam

Outsource

Đóng vai trò là người thực hiện triển khai chủ chốt, chịu trách nhiệm triển khai, cấu hình và tích hợp các giải pháp Security & Digital Trust (PKI, Chữ ký số, Mã hóa, MFA) vào hệ thống thực tế của khách hàng, đảm bảo hệ thống vận hành ổn định, bảo mật và đúng thiết kế. Triển khai hệ thống (Implementation) Chuẩn bị môi trường: kiểm tra hạ tầng (Server, Hệ điều hành, Cơ sở dữ liệu, Mạng) Cài đặt & cấu hình giải pháp: PKI / CA / Chữ ký số / MFA / Mã hóa Thiết lập chính sách bảo mật, quy trình nghiệp vụ Kết nối với thiết bị bảo mật (HSM, Quản lý Khóa) Triển khai trên nền tảng Cloud / Container (nếu có) Triển khai hệ thống trên Kubernetes / OpenShift Cấu hình tài nguyên (YAML: Pod, Dịch vụ, Ingress, Bản đồ Cấu hình, Bí mật) Thiết lập lưu trữ (Khối Lưu trữ Không gian); mạng nội bộ Áp dụng các chính sách bảo mật cho container Tích hợp hệ thống (Integration) Hỗ trợ tích hợp với: Trang web/ Ứng dụng/ Giao diện lập trình ứng dụng và IAM / SSO / AD / LDAP Hướng dẫn sử dụng API/SDK Kiểm tra luồng dữ liệu & bảo mật giao tiếp Phối hợp với nhóm khách hàng (Phát triển / Cơ sở hạ tầng / Bảo mật) Kiểm thử & nghiệm thu (QA/UAT) Thực hiện kiểm thử kỹ thuật & kịch bản vận hành Hỗ trợ UAT với khách hàng Kiểm tra tính đúng đắn của: Chữ ký số; Chứng thư và Luồng xác thực Vận hành & hỗ trợ Giám sát hệ thống, phân tích log, xử lý sự cố Hỗ trợ sau triển khai (L2/L3) Đảm bảo hệ thống hoạt động ổn định & HA Tài liệu & chuyển giao Xây dựng tài liệu triển khai (cấu trúc, cấu hình) Hướng dẫn vận hành cho khách hàng Đào tạo kỹ thuật cơ bản

Negotiation

View details

DevOps Engineer

Others - Viet Nam

Product

  • Devops
  • Kubernetes
  • Network

Managing and developing our Kubernetes platform across multiple clusters and environments including production, development, on-premises and public cloud. Designing and overseeing hybrid cloud infrastructure across on-premises and public clouds (such as GCP, AWS), including workload placement, cross-cloud networking, and unified resource management. Taking responsibility for the end-to-end CI/CD and GitOps process, including container build pipelines, image optimization, and progressive delivery using tools like ArgoCD/FluxCD. Taking charge of the observability stack to provide a comprehensive view across all clusters using tools like Grafana, Mimir, Tempo, Loki, Pyroscope, OnCall, Prometheus, and supporting agent-assisted SRE workflows. Managing and enhancing our inference platform, including vLLM serving and AIBrix for multi-model orchestration and autoscaling with a fleet of NVIDIA GPUs. Operating platform services such as Kafka, Redis, PostgreSQL, OpenSearch. Managing identity and access management with Keycloak integrated with Google Workspace, strengthening SSO, RBAC, and secrets management across the platform. Strengthening network security across private load balancers, firewalls, and VPC segmentation and designing and maintaining hub-and-spoke/multi-AZ topologies. Supporting training infrastructure with self-service VM provisioning, RunPod burst capacity, and Weights and Biases integration. Driving infrastructure reliability, cost efficiency, and capacity planning as the platform scales.

Negotiation

View details

Platform Engineer

Ho Chi Minh - Viet Nam

Product

  • Backend
  • Devops
  • Data Engineering

Create and maintain distributed infrastructure responsible for handling telemetry, sensory, and control data in cloud and edge environments Develop and operate data ingestion and streaming pipelines connecting robot fleets to the cloud in real-time, including video, joint states, audio, and LiDAR Build and manage backend services and APIs for the developer-facing platform, prioritizing reliability and excellent developer experience Oversee and improve cloud-native infrastructure utilizing Kubernetes, Docker, and infrastructure as code tooling Ensure platform reliability through monitoring, alerting, autoscaling, failover, and incident response Provide support to ML and robotics teams with data infrastructure for training pipelines, policy rollout, and hardware-in-the-loop simulation Implement secure APIs with access control, rate limiting, and usage metering to accommodate scaling efforts

Negotiation

View details