-logo.jpg?width=200){kind=logo}
Quy mô công ty : 1000-4999
Xem thêmPropertyGuru (Batdongsan.com.vn)
Role Specifics
As a Senior Security Engineer, you will -
• Be working in a fast-paced DevSecOps environment where it is paramount to control security testing into a continuous deployment/integration flow.
• Play a lead role in developing and designing application-level security controls and standards.
• Perform application security design reviews against new products and services, track and prioritize all security issues, and help build internal security tools that help fix security problems at scale.
• Perform code review and drive remediation of discovered issues.
• Enable automated security testing at scale to measure vulnerability and report on risk across all microservice, web, and mobile platforms.
• Execute security tests on servers that are spread across on-premise and public cloud data centers.
• Be a part of the global security organization, sharing security best practices and standards
Responsibilities
As part of the Security team responsible for PropertyGuru application security, you will -
• Oversee secure SDLC, application vulnerability assessments, secrets management & and application security compliance for various certifications.
• Assist software developers through source code security reviews, security testing, source code analysis or vulnerability assessments to manage SSDLC security risks using manual & and automated testing.
• Integrate application security in every aspect of CI/CD using tools and implement security gates to ensure secure and compliant code is deployed.
• Create automation scripts/tools whenever required to improve the efficiency of the security posture.
• Work closely with developers, infrastructure engineers & SOC to reproduce reported security issues and work with them to prioritize, test and remediate issues.
• Be required to monitor, respond, investigate, and report on application security events.
• Independently audit and review our key technology platforms, libraries, and security tools to propose an execution plan for security improvements.
• Work with business and technology teams in delivering security projects aligned with the security roadmap.
• Evaluate and make recommendations on new security products and advise on implementation into existing environments and external partners
• Implementing, operating and supporting security tooling, cloud security, services and patterns to support IT delivery teams.
• Assist teams in the identification and management of security risks, through technical security testing or security risk assessments.
• Support or facilitate major security incident response processes by providing technical security leadership.
• Acts as an escalation point for security issues to on-call staff
Why you'll love working here
• Competitive salary depending on skills and capabilities
• 13th-month salary and performance bonuses based on the business performance
• 17 days of paid leave
• Global product with millions of new users every month
• Comfortable working conditions: Hybrid working time
• Good career growth opportunities with interesting and challenging projects English, technical, and soft skills training courses
• Additional healthcare insurance and annual health check-ups
• Light beverages and food are available all the time in the office
• Outdoor activities with company support: sports clubs, team building, happy hour parties, birthday, company trips, staff, and family events, etc
• 4-6 years of hands-on experience working as an application security engineer on AWS & GCP Cloud, application security tools, automated security scanning, threat modeling, secure coding, cryptography, identity management & and authentication and conducting vulnerability assessments, preferably in product companies.
• An analytical mind for problem-solving, abstract thought, and offensive security tactics.
• Experience with programming/ scripting for day-to-day security operations such as log or data analysis, tool integrations via API & security test automation.
• Full understanding of the web stack, web security, common application vulnerabilities & and mitigations.
• Experience collaborating on Software development security and Infrastructure security testing during CI/CD is necessary.
• Ability to guide and train software developers and product teams in application security & and secure software development.
• Familiarity with and ability to explain common security vulnerabilities and ways to address them.
• Strong understanding of container technologies and open-source tools
• Excellent communication skills, both written and verbal, can articulate complex topics clearly and concisely.
• Knowledge of application security for ISO27001, SOC 2, NIST CSF, SOX compliance, ITGC & ISO 27701/ GDPR will be preferred.
• Basic penetration testing skills.
• You should be fluent in Vietnamese & also have a working knowledge of English.
English
Nói: Intermediate - Đọc: Intermediate - Viết: Intermediate
-logo.jpg){kind=logo}
Over 11 years of construction and development, the Company has firmly established its position and is known as one of the few young media companies with the fastest, most dynamic and creative development speed. The current.
Dai Viet currently owns the website Batdongsan.com.vn - the website rated by reputable website Comscore and SimilarWeb rated as the largest real estate information channel in Southeast Asia. with leading websites of the same field in countries in the region such as Singapore, Malaysia, Indonesia ...
Currently, each day the website updates more than 15,000 new listings, website visits reach nearly 240,000 visits and 1.6 million page views (pageviews) / day.
In 2018, Asia's leading online real estate group - PropertyGuru - made a strategic investment and became the largest shareholder in Batdongsan.com.vn.
-logo.jpg){kind=logo}
