Application Security Engineer

SPH Media Trust  

Job Description

Job Title: Application Security Engineer


We are looking for experienced Application Security Engineer to effectively maintain the automated
source code scanning platform, to perform secure code reviews as well as support the automated
penetration test delivery within the organization and also upskill the developers by training on secure
coding.

Responsibilities


● Responsible to propose and integrate security practices and processes into software
development to ensure the delivery of applications have vulnerabilities resolved and
mitigated
● Responsible to develop secure application development practices, standards, guidelines
and solutions towards adopting technical best practices and uplifting the Application
Security (AppSec) capabilities within the organization
● Perform Application Security assessment using a combination of threat modelling,
vulnerability research, code scanning, application security testing with recommendation
of proper remediation actions
● Work closely with Development for vulnerability mitigations and help in removing the
false positive from the static and dynamic application security report
● Work closely with DevOps Team to create tools and automation to help test and improve
the security in the CI/CD pipeline like Jenkins, Bitrise, AWS Codebuild etc
● Identify gaps in security and improve security protocols and procedures in application
development processes
● Enhance security competency in development teams implementing the secure coding
training platform like Secure Code Warrior
● Provide training to the development team on security standards, policies, procedures
and best practices related to secure coding for Web and Mobile


Job Requirements

Mandatory Skill-set


● Bachelor in Computer Science or related field required;
● Has at least 1- years of work experience in development;
● Has at least 3 - years of work experience in the area of application security;
● Experienced in conducting secure code review, dynamic application security
testing and manual security testing for both Web and Mobile applications;
● Experience in threat modelling - able to prepare threat profile to identify, quantify and
address security risks;
● Familiar with CI/CD and DevOps concepts and how security testing can be integrated
and automated as part of software delivery pipelines;
● Familiar with secure Web Services, Web and mobile API architecture (such as REST,
SOAP, SSL/TLS, HTTPS);
● Familiar with common web,mobile application vulnerabilities and technical knowledge to
address and mitigate vulnerabilities;
● Knowledge of security best practices, secure coding practice guidelines, OWASP
top 10 web and mobile;
● Excellent communication and presentation skills.


Desired Skill-Set


● Knowledge of Static Application security tools like Fortify, Checkmarx, Burp suite
professional, Qualys, Webinspect;
● Knowledge in implementing the open source scanner tool like Sonatype, Blackduck;
● Knowledge in Container security implementation;
● Knowledge in Cloud Security like AWS, Google Cloud Platform;
● Handling the Bug Bounty Program and issue tracking.
● Industrial certification like CEH

  • Permanent / Full Time
SPH Media Trust  
Work Location
  • Toa Payoh
More from this company
Customer Experience Officers (Contact Centre)

SPH Media Trust

We seek highly motivated individualswho are keen to pursue a career in contact centre customer service to join our Customer...

More Info
Technician/Senior Technician (Times Properties)

SPH Media Trust

Check and fix mechanical and electrical installations in large office buildings Carry out routine and preventive mechanical and electrical maintenance...

More Info
Admin Assistant (Print Order Processing)

SPH Media Trust

We are looking for a diligent individual to join the Print Order Processing team which is responsible for the accuracy...

More Info
Sub Editor (Tamil Murasu)

SPH Media Trust

Started in 1935, Tamil Murasu is Singapores only Tamil language newspaper. Tamil Murasu is the main information source for the...

More Info
Product Manager / Senior (Straits Times)

SPH Media Trust

As a Product Manager you will be responsible for executing the product strategy, developing innovative digital products, defining the ideas...

More Info