750 Application Security jobs in Singapore

What the role is

We are seeking an experienced Application Security Engineer to be part of the Platforms Architecture & Engineering (PAE) and strengthen our organisation's security posture by implementing robust security measures throughout our software development lifecycle. The ideal candidate will work closely with development teams and operation teams to ensure security is embedded in our applications from design to deployment.

What you will be working on

In this position, you will:

• Conduct security assessments, threat modelling, and code reviews to identify vulnerabilities in applications
• Design and implement security controls, authentication mechanisms, and encryption solutions
• Develop and maintain secure coding guidelines and security standards
• Collaborate with development teams to remediate security issues and provide guidance on secure coding practices
• Conduct security awareness training sessions for development teams
• Monitor and respond to security incidents related to application vulnerabilities
• Evaluate and implement security tools and technologies
• Maintain documentation of security processes and procedures

What we are looking for

• Bachelor's degree in Computer Science, Information Security, or related field
• At least 3 years of experience in application security or software development with security focus
• Strong knowledge of secure coding practices and OWASP Top 10 vulnerabilities
• Proficiency in common programming languages (e.g., .Net Core, Java, Python, JavaScript)
• Experience with security testing tools and methodologies
• Understanding of cryptography, authentication, and authorisation protocols
• Knowledge of common security frameworks and standards (ISO 27001, NIST, etc.)
• Security certifications (CISSP, CEH, OSCP, or equivalent)
• Experience with cloud security (AWS, Azure, GCP)
• Knowledge of DevSecOps practices and tools
• Familiarity with containerisation and microservices security
• Strong analytical and problem-solving abilities
• Excellent communication and collaboration skills
• Experience with security incident response

As part of the shortlisting process for this role, you may be required to complete a medical declaration and/or undergo further assessment.

This is a 2-Year Contract. All applicants will be notified on whether they are shortlisted or not within 4 weeks of the closing date of this job posting.

What the role is

The Monetary Authority of Singapore (MAS) is Singapore's central bank and integrated financial regulator.

As central bank, MAS promotes sustained, non-inflationary economic growth through the conduct of monetary policy and close macroeconomic surveillance and analysis. It manages Singapore's exchange rate, official foreign reserves, and liquidity in the banking sector.

As an integrated financial supervisor, MAS fosters a sound financial services sector through its prudential oversight of all financial institutions in Singapore – banks, insurers, capital market intermediaries, financial advisors, and stock exchanges. It is also responsible for well-functioning financial markets, sound conduct, and investor education.

MAS also works with the financial industry to promote Singapore as a dynamic international financial centre. It facilitates the development of infrastructure, adoption of technology, and upgrading of skills in the financial industry.

Join us now, if you have a genuine interest in making an impact to help shape Singapore's economic and financial landscape.

What you will be working on

We are seeking an experienced Application Security Engineer to be part of the Application Architecture and Engineering Division (AAD) and strengthen our organisation's security posture by implementing robust security measures throughout our software development lifecycle. The ideal candidate will work closely with development teams and operation teams to ensure security is embedded in our applications from design to deployment.

In this position, you will:

• Conduct security assessments, threat modelling, and code reviews to identify vulnerabilities in applications
• Design and implement security controls, authentication mechanisms, and encryption solutions
• Develop and maintain secure coding guidelines and security standards
• Collaborate with development teams to remediate security issues and provide guidance on secure coding practices
• Conduct security awareness training sessions for development teams
• Monitor and respond to security incidents related to application vulnerabilities
• Evaluate and implement security tools and technologies
• Maintain documentation of security processes and procedures

What we are looking for

• Bachelor's degree in Computer Science, Information Security, or related field
• At least 3 years of experience in application security or software development with security focus
• Strong knowledge of secure coding practices and OWASP Top 10 vulnerabilities
• Proficiency in common programming languages (e.g., .Net Core, Java, Python, JavaScript)
• Experience with security testing tools and methodologies
• Understanding of cryptography, authentication, and authorisation protocols
• Knowledge of common security frameworks and standards (ISO 27001, NIST, etc.)
• Security certifications (CISSP, CEH, OSCP, or equivalent)
• Experience with cloud security (AWS, Azure, GCP)
• Knowledge of DevSecOps practices and tools
• Familiarity with containerisation and microservices security
• Strong analytical and problem-solving abilities
• Excellent communication and collaboration skills
• Experience with security incident response

As part of the shortlisting process for this role, you may be required to complete a medical declaration and/or undergo further assessment.

This contract will end in Dec 2029. All applicants will be notified on whether they are shortlisted or not within 4 weeks of the closing date of this job posting.

Assurity Trusted Solutions (ATS) is a wholly owned subsidiary of the Government Technology Agency (GovTech). As a Trusted Partner over the last decade, ATS offers a comprehensive suite of products and services ranging from infrastructure and operational services, authentication services, governance and assurance services as well as managed processes. In a dynamic digital and cyber landscape, where trust & collaboration are key, ATS continues to drive mutually beneficial business outcomes through collaboration with GovTech, government agencies and commercial partners to mitigate cyber risks and bolster security postures.

You will be a member of the application security core center of competency under the Development & Innovation for Technology ProducTisation & Operations (DITTO) department.

You will provide application security consultancy and support to the application teams in areas such as security assessments, DevSecOps, security training and awareness to raise the application security level of competency and standards of our people and organisation.

Responsibilities

• Plan the application security roadmap to improve the way application security is practiced in the organisation.
• Develop secure application development practices, standards, guidelines, and solutions to raise the application security practices of our application teams.
• Maintain various application security processes and automated source code scanning platform in the organisation.
• Perform secure code quality reviews and conduct application penetration testing/vulnerability assessment.
• Support various types of application testing and delivery (e.g. CI/CD) within the organisation.
• Train and up-skill developers in the area of secure coding in various programming platforms such as Java, C#, PHP etc. and to write security acceptance criteria in user stories.
• Train the applications team to write security unit tests and perform secure coding assessments.
• Work with DevOps team to improve security in the CI/CD pipeline.

Requirements

• At least 3-5 years combined work experience in software development, application security and cloud computing (e.g. Azure, AWS).
• Experience in conducting manual secure source code review in at least one of the following programming platforms in both waterfall and Agile approach: Java, PHP, Javascript, C#, Android, iOS.
• Experience in threat modelling and able to establish threat profiles for application projects to identify, quantify and remediate application security risks.
• Experience working with mobile and web application programming interfaces (API) architecture (e.g. REST, SOAP, SSL/TLS).
• Demonstrate knowledge in industry security best practices such as OWASP Top 10, OWASP application security verification standard.
• Experience on using SAST code scanning tools such as Checkmarx, Sonarqube, etc.
• Familiar with Agile Development process, CI/CD, DevOps concepts, tools (Git, Gitlab, Github, Jenkins, Ansible etc) and how automated security testing can be incorporated into CI/CI pipelines.
• Collaborate extensively with various teams (application, networking, infrastructure) to maintain, establish and deliver application security services for the organisation.
• Good verbal/written communications skills and experience interacting with various stakeholders.
• Strong interest and passion for the field of application security.
• Strong problem-solving and troubleshooting skills.
• Self-reliant with an analytical and creative mind.
• Experience working with industry APIs such as Apigee or equivalent.
• Certification in CISSP (Certified Information Systems Security Professional)
• DevOps related certifications e.g. Azure DevOps Engineer Expert or AWS DevOps Engineer
• Offensive Security Certified Professional (OSCP), Offensive Security Web Expert (OWSE)
• Experience in working with Government Commercial Cloud (GCC)

Join us and discover a meaningful and exciting career with Assurity Trusted Solutions

The remuneration package will commensurate with your qualifications and experience. Interested applicants, please click "Apply Now".

We thank you for your interest and please note that only shortlisted candidates will be notified.

By submitting your application, you agree that your personal data may be collected, used and disclosed by Assurity Trusted Solutions Pte. Ltd. (ATS), GovTech and their service providers and agents in accordance with ATS's privacy statement which can be found at: or such other successor site.

Benefits

• A wholly-owned subsidiary of GovTech.
• We promote a learning culture and encourage you to grow and learn.

• Overall Security solution Architect with 8 yrs of experience
• Azure Certification, Security Specialty
• Shall possess the necessary skills, knowledge and experience in the following areas:
• Security management frameworks and governance;
• Security risk analysis and management;
• Security incident response and management; and
• Technical expertise in the Solution's platforms and technologies.

1. The Application Security Engineer shall have at least a Diploma in Computer Studies, or related discipline, and three (3) years' experiences as a Software Developer or Application Security Engineer.
2. The Application Security Engineer's experience should include experience in identifying security risks, analyzing application vulnerabilities, and directing solutions for remediations. Relevant certifications such as "Certified Secure Software Lifecycle Professional" would be advantageous.

About Us
Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok, Lemon8, CapCut and Pico as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content.
Why Join ByteDance
Inspiring creativity is at the core of ByteDance's mission. Our innovative products are built to help people authentically express themselves, discover and connect - and our global, diverse teams make that possible. Together, we create value for our communities, inspire creativity and enrich life - a mission we work towards every day.
As ByteDancers, we strive to do great things with great people. We lead with curiosity, humility, and a desire to make impact in a rapidly growing tech company. By constantly iterating and fostering an "Always Day 1" mindset, we achieve meaningful breakthroughs for ourselves, our Company, and our users. When we create and grow together, the possibilities are limitless. Join us.
Diversity & Inclusion
ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.
About the Security Assurance Team at ByteDance
The team is missioned to build infrastructures, platforms and technologies, as well as to support cross-functional teams to protect our users, products and infrastructures. In this team, you'll have a unique opportunity to have first-hand exposure to the strategy of the company in key security initiatives, especially in building scalable and secure-by-design systems and solutions. Our challenges are not your regular day-to-day technical problems; you'll be part of a team that's developing new solutions to new challenges of a kind not previously addressed by big tech. It's working fast, at scale, and we're making a difference.
Responsibilities
- Provide security engineering support to product teams to help identify potential security flaws in the early stages of SDLC.
- Continuously design and conduct penetration testing to determine if infrastructure components, systems and applications meet security standards in the staging/production environment.
- Discover security issues that appear under new threat scenarios, support incident response, forensics, remediation in a cross-functional environment driving towards incident resolution.
- Collaborate closely with other parts of the security team and product teams to design defense-in-depth controls that limit attackers' ability and improve our security postures.
- To identify risks and actively take ownership to resolve any potential security project issues.
- Continuously conduct security research and strive to innovate.
Minimum Qualifications
- Background in Computer Science, Computer Engineering, Information Systems or other STEM disciplines.
- Strong knowledge in some of these various disciplines: web application security, mobile app security, cloud security and thick client security.
- Solid experience in writing and reviewing code in at least one of the following programming languages: JavaScript (Node JS), Go, Python, Java, C++, Rust.
- Good project management skills and focused teamwork.
Preferred Qualifications
- Experience in independent supporting the application security of a business line
- CTF players, BugBounty experience with reputable statistics in HackerOne, BugCrowd etc.

• Overall Security solution Architect with 8 yrs of experience
• Azure Certification, Security Specialty
• Shall possess the necessary skills, knowledge and experience in the following areas:
• Security management frameworks and governance;
• Security risk analysis and management;
• Security incident response and management; and
• Technical expertise in the Solution's platforms and technologies.
• The Application Security Engineer shall have at least a Diploma in Computer Studies, or related discipline, and three (3) years' experiences as a Software Developer or Application Security Engineer.
• The Application Security Engineer's experience should include experience in identifying security risks, analyzing application vulnerabilities, and directing solutions for remediations. Relevant certifications such as "Certified Secure Software Lifecycle Professional" would be advantageous.

Job Description:

⦁ Overall Security solution Architect with 8 yrs of experience

⦁ Azure Certification, Security Specialty

⦁ Shall possess the necessary skills, knowledge and experience in the following areas:

⦁ Security management frameworks and governance.

⦁ Security risk analysis and management.

⦁ Security incident response and management; and

⦁ Technical expertise in Solution's platforms and technologies.

• The Application Security Engineer shall have at least a Diploma in Computer Studies, or related discipline, and three (3) years' experience as a Software Developer or Application Security Engineer.

• The Application Security Engineer's experience should include experience in identifying security risks, analyzing application vulnerabilities, and directing solutions for remediations. Relevant certifications such as "Certified Secure Software Lifecycle Professional" would be advantageous.

Job Type: Full-time

Pay: From $8,500.00 per month

• Overall Security solution Architect with 8 yrs of experience
• Azure Certification, Security Specialty
• Shall possess the necessary skills, knowledge and experience in the following areas:
• Security management frameworks and governance;
• Security risk analysis and management;
• Security incident response and management; and
• Technical expertise in the Solution’s platforms and technologies.

1. The Application Security Engineer shall have at least a Diploma in Computer Studies, or related discipline, and three (3) years’ experiences as a Software Developer or Application Security Engineer.
2. The Application Security Engineer’s experience should include experience in identifying security risks, analyzing application vulnerabilities, and directing solutions for remediations. Relevant certifications such as “Certified Secure Software Lifecycle Professional” would be advantageous.