JOB OPENINGS > Cloud Application Security Engineer (Bangkok based – Relocation provided)
Date Posted:
May 13, 2022
Location:
Thailand
Job type:
Permanent

Contact consultant

Don Manalo

Managing Consultant
Specialisation
Internet

Our client is a TravelTech company that builds and deploy cutting-edge technology, connecting travelers with more than 2.5 million accommodations globally. Based in Asia and part of Booking Holdings, they have 4,000+ employees representing 90+ nationalities to foster a work environment rich in diversity, creativity, and collaboration. They pride themselves on innovating through a culture of experimentation and ownership, enhancing the ability for their customers to experience the world.

Relocation support will be provided for you and your family to help you settle into the new environment.

Get to Know The Team: 

The Security Department oversees security, compliance, GRC, and security operations for the company. They are vigilant in ensuring there is no breach or vulnerability threatening our company or endangering our employees in order to keep the company safe and protected. This would be a great challenge for those who want to work with the best technology in a dynamic and advanced environment. 

In this Role, you’ll get to: 

  • Play a lead role in developing and designing application-level security controls and standards. 
  • Perform application security design reviews against new products and services. 
  • Track and prioritize all security issues. 
  • Build internal security tools that help fix security problems at scale. 
  • Perform code review and drive remediation of discovered issues. 
  • Enable automated security testing at scale to measure vulnerability, and report on risk across all microservice, web and mobile platforms. 
  • Execute security tests on thousands of servers which are spread across multiple data centers. 
  • Help design and secure Cloud Native applications.

What you’ll Need to Succeed: 

  • Strong foundations in software engineering. 
  • Minimum of 4 years of technical experience with any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security. 
  • Minimum 2yr Experience with software development lifecycle in one or more languages (Rust, Python, Go, Nodejs, etc.)
  • Minimum 1yr experience with public/private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.) 
  • Experience in running assessments using OWASP MASVS and ASVS. 
  • Working knowledge on exploiting and fixing application vulnerabilities. 
  • Strong background in threat modeling. 
  • In-depth knowledge of common web application vulnerabilities (i.e. OWASP Top 10). 
  • Familiarity with automated dynamic scanners, fuzzers, and proxy tools. 
  • An analytical mind for problem solving, abstract thought, and offensive security tactics. 
  • Highly effective communication skills, in both verbal and written forms, to effectively convey technical and non-technical concepts to a wide variety of audiences 

It’s great if you have: 

  • Security certifications
APPLY NOW