702 Web Application Security jobs in Singapore

Web Application Security Engineer

Singapore, Singapore $80000 - $120000 Y JULIUS BAER

Posted today

Job Viewed

Tap Again To Close

Job Description

At Julius Baer, we celebrate and value the individual qualities you bring, enabling you to be impactful, to be entrepreneurial, to be empowered, and to create value beyond wealth. Let's shape the future of wealth management together.

Julius Baer Group Ltd. acts in the sector Private Banking and is present in over 25 countries and around 60 locations. With the Headquartered in Zurich, we have offices in key locations including Bangkok, Dubai, Dublin, Frankfurt, Geneva, Hong Kong, London, Luxembourg, Madrid, Mexico City, Milan, Monaco, Mumbai, Santiago de Chile, São Paulo, Shanghai, Singapore, Tel Aviv and Tokyo. Join our global team and play a critical role in safeguarding our digital landscape as a Senior Web Application Security Engineer with focus on Client Identity and Access Management as well as Web Application Firewall. We're seeking a skilled expert to maintain and enhance the protection of our online platforms, ensuring the highest level of security for our clients worldwide.

YOUR CHALLENGE

Main Job Responsibilities

  • Work closely with our global team of engineers to ensure the smooth operation and maintenance of the Client Identity and Access Management Platfrom (CIAM) as well as the Web Application Firewall (WAF) infrastructure
  • Develop and enhance authentication flows by utilizing modern authentication protocols to deliver a seamless desktop and mobile login experience for bank clients
  • Develop and maintain high-quality and secure codebases for multiple Single-Page Applications (SPAs), focusing on delivering seamless and efficient login experiences for clients
  • Collaborate with various stakeholders globally to onboard new client-facing web applications to the global CIAM platform
  • Review new or changed requirements and assess their feasibility as well as their impact on the surrounding systems, standards and guidelines
  • Troubleshoot issues as part of the 2nd and 3rd level support organization and take part in the on-call duty rotation
  • Enhance the automation and scalability of the WAF and CIAM infrastructure
  • Continuously improve the overall service reliability, security, performance and monitoring of the WAF / CIAM infrastructure
  • Continuously improve the service reliability, security, performance, monitoring, and automation of the WAF / CIAM infrastructure, with a focus on enhancing overall system availability and efficiency

Client Management (internal & external)

  • Various IT functions, both regionally and globally
  • Local Legal and Compliance functions

Business Management

  • Key local stakeholders include IT Service Owners, IT Infrastructure, IT Application Managers, IT Architecture and Project Managers
  • CRO functions – including Business Operational Risk, Information Security and Compliance functions
  • Global functions – IT Security Solutions, Security Architecture
  • Establish strong relationship with key stakeholders and across the internal IT

Regulatory Responsibilities &/OR Risk Management

  • Ensure appropriate ethical and compliant behaviour within the area of responsibility by clear demonstration of appropriate values and behaviours including but not limited to standards on honesty and integrity, due care and diligence, fair dealing (treating customers fairly), management of conflicts of interest, competence and continuous development, adequate risk management, and compliance with applicable laws and regulations

RANK APPLICABLE TO THE POSITION

  • Rank: AD
YOUR PROFILE

Professional and Technical

  • Minimum 4 years of experience in designing, implementing, and managing Web Application Firewall (WAF) and reverse proxy solutions, including products such as F5, Imperva, Nevis, Cloudflare, or open-source alternatives like ModSecurity
  • Proven experience in designing and implementing authentication and federation mechanisms, including SAML, OAuth, OIDC, and FIDO, with a strong understanding of identity and access management principles
  • Hands-on operational experience with highly available and scalable web infrastructure
  • Profound understanding of security best practices of web applications and APIs
  • Solid understanding of web communication protocols such as HTTP, TLS, Websocket, etc.
  • Experience in software engineering (Java, Spring Boot, React, Typescript) and operational experience with Kubernetes-based environments
  • Strong troubleshooting and structured problem-solving skills
  • Proficient in log analytics and correlation, with hands-on experience in Splunk, Elastic or similar toolings, to detect anomalies and investigate incidents and identify root causes
  • Good technical foundation of Linux operating systems and its command line tools
  • Relevant academic background (e.g., Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field) or industry-recognized certifications (e.g. CISSP, CEH) with relevant practical knowledge

Personal and Social

  • Team player, strong collaborator with the willingness to take ownership
  • Excellent English language skills, with ability to communicate clearly to diverse audiences, including technical teams and business stakeholders
  • Methodical and results-driven approach to new challenges and tasks
  • Ability to thrive in a globally distributed team environment
  • Strong desire to learn and develop new skills
  • Independent and self-driven

Regulatory

  • Good understanding of the technology regulatory framework in Singapore and Hong Kong

We are looking forward to receiving your full job application through our online application tool.

This advertiser has chosen not to accept applicants from your region.

Web Application Security Engineer APAC

Singapore, Singapore $120000 - $240000 Y JULIUS BAER

Posted today

Job Viewed

Tap Again To Close

Job Description

At Julius Baer, we celebrate and value the individual qualities you bring, enabling you to be impactful, to be entrepreneurial, to be empowered, and to create value beyond wealth. Let's shape the future of wealth management together.

Julius Baer Group Ltd. acts in the sector Private Banking and is present in over 25 countries and around 60 locations. With the Headquartered in Zurich, we have offices in key locations including Bangkok, Dubai, Dublin, Frankfurt, Geneva, Hong Kong, London, Luxembourg, Madrid, Mexico City, Milan, Monaco, Mumbai, Santiago de Chile, São Paulo, Shanghai, Singapore, Tel Aviv and Tokyo. Join our global team and play a critical role in safeguarding our digital landscape as a Web Application Security Engineer. We're seeking a skilled expert to maintain and enhance the protection of our online platforms, ensuring the highest level of security for our clients worldwide.

YOUR CHALLENGE

Main Job Responsibilities

  • Work closely with our global team of engineers to ensure the smooth operation and maintenance of the Web Application Firewall (WAF) infrastructure
  • Enhance the security of web applications and APIs by implementing advanced protective measures on the WAF and configuring custom application-specific security policies
  • Onboard new web applications and APIs onto the WAF infrastructure, ensuring seamless integration and optimal security
  • Evaluate new or changed business requirements and assess their feasibility, as well as their impact on surrounding systems, standards, and guidelines
  • Troubleshoot technical issues related to WAF, identifying root causes and developing effective solutions
  • Participate in the 2nd and 3rd level support organization, providing on-duty support and collaborating with other teams to resolve incidents
  • Continuously improve the service reliability, security, performance, monitoring, and automation of the WAF infrastructure, with a focus on enhancing overall system availability and efficiency

Client Management (internal & external)

  • Various IT functions, both regionally and globally
  • Local Legal and Compliance functions

Business Management

  • Key local stakeholders include IT Service Owners, IT Infrastructure, IT Application Managers, IT Architecture and Project Managers
  • CRO functions – including Business Operational Risk, Information Security and Compliance functions
  • Global functions – IT Security Solutions, Security Architecture
  • Establish strong relationship with key stakeholders and across the internal IT

Regulatory Responsibilities &/OR Risk Management

Ensure appropriate ethical and compliant behaviour within the area of responsibility by clear demonstration of appropriate values and behaviours including but not limited to standards on honesty and integrity, due care and diligence, fair dealing (treating customers fairly), management of conflicts of interest, competence and continuous development, adequate risk management, and compliance with applicable laws and regulations

RANK APPLICABLE TO THE POSITION

  • Rank: AD
YOUR PROFILE

Professional and Technical

  • Profound understanding of security best practices of web applications and APIs
  • Solid understanding of web communication protocols such as HTTP, TLS, Websocket, etc
  • Hands-on operational experience with highly available and scalable web infrastructure
  • Hands-on experience with operating WAF or reverse-proxy solutions such as F5, Imperva, Nevis, Cloudflare, or open-source alternatives like ModSecurity
  • Experience in software engineering (Java, Spring Boot, React, Typescript) and operational experience with Kubernetes-based environments
  • Strong troubleshooting and structured problem-solving skills
  • Skilled in log analytics and correlation, with hands-on experience in Splunk, Elastic or similar toolings, to investigate incidents and identify root causes
  • Familiarity with the implementation of authentication and federation mechanisms such as SAML, OAuth and OIDC and FIDO
  • Good technical foundation of Linux operating systems and its command line tools
  • Relevant academic background (e.g., Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field) or industry-recognized certifications (e.g. CISSP) with relevant practical knowledge is desired

Personal and Social

  • Team player, strong collaborator with the willingness to take ownership
  • Excellent communication skills in spoken and written form
  • Strong desire to learn and develop new skills
  • Methodical and results-driven approach to new challenges and tasks
  • Independent and self-driven
  • Ability to thrive in a globally distributed team environment

Regulatory

  • Good understanding of the technology regulatory framework in Singapore and Hong Kong

We are looking forward to receiving your full job application through our online application tool.

This advertiser has chosen not to accept applicants from your region.

Web Application Security Engineer APAC

Singapore, Singapore Julius Baer

Posted today

Job Viewed

Tap Again To Close

Job Description

Join to apply for the
Web Application Security Engineer APAC
role at
Julius Baer
1 week ago Be among the first 25 applicants
Join to apply for the
Web Application Security Engineer APAC
role at
Julius Baer
At Julius Baer, we celebrate and value the individual qualities you bring, enabling you to be impactful, to be entrepreneurial, to be empowered, and to create value beyond wealth. Let’s shape the future of wealth management together.
Julius Baer Group Ltd. acts in the sector Private Banking and is present in over 25 countries and around 60 locations. With the Headquartered in Zurich, we have offices in key locations including Bangkok, Dubai, Dublin, Frankfurt, Geneva, Hong Kong, London, Luxembourg, Madrid, Mexico City, Milan, Monaco, Mumbai, Santiago de Chile, São Paulo, Shanghai, Singapore, Tel Aviv and Tokyo. Join our global team and play a critical role in safeguarding our digital landscape as a Web Application Security Engineer. We're seeking a skilled expert to maintain and enhance the protection of our online platforms, ensuring the highest level of security for our clients worldwide.
YOUR CHALLENGE
Main Job Responsibilities
Work closely with our global team of engineers to ensure the smooth operation and maintenance of the Web Application Firewall (WAF) infrastructure
Enhance the security of web applications and APIs by implementing advanced protective measures on the WAF and configuring custom application-specific security policies
Onboard new web applications and APIs onto the WAF infrastructure, ensuring seamless integration and optimal security
Evaluate new or changed business requirements and assess their feasibility, as well as their impact on surrounding systems, standards, and guidelines
Troubleshoot technical issues related to WAF, identifying root causes and developing effective solutions
Participate in the 2nd and 3rd level support organization, providing on-duty support and collaborating with other teams to resolve incidents
Continuously improve the service reliability, security, performance, monitoring, and automation of the WAF infrastructure, with a focus on enhancing overall system availability and efficiency
Client Management (internal & external)
Various IT functions, both regionally and globally
Local Legal and Compliance functions
Business Management
Key local stakeholders include IT Service Owners, IT Infrastructure, IT Application Managers, IT Architecture and Project Managers
CRO functions – including Business Operational Risk, Information Security and Compliance functions
Global functions – IT Security Solutions, Security Architecture
Establish strong relationship with key stakeholders and across the internal IT
Regulatory Responsibilities &/OR Risk Management
Ensure appropriate ethical and compliant behaviour within the area of responsibility by clear demonstration of appropriate values and behaviours including but not limited to standards on honesty and integrity, due care and diligence, fair dealing (treating customers fairly), management of conflicts of interest, competence and continuous development, adequate risk management, and compliance with applicable laws and regulations
RANK APPLICABLE TO THE POSITION
Rank: AD
YOUR PROFILE
Professional and Technical
Profound understanding of security best practices of web applications and APIs
Solid understanding of web communication protocols such as TLS, Websocket, etc
Hands-on operational experience with highly available and scalable web infrastructure
Hands-on experience with operating WAF or reverse-proxy solutions such as F5, Imperva, Nevis, Cloudflare, or open-source alternatives like ModSecurity
Experience in software engineering (Java, Spring Boot, React, Typescript) and operational experience with Kubernetes-based environments
Strong troubleshooting and structured problem-solving skills
Skilled in log analytics and correlation, with hands-on experience in Splunk, Elastic or similar toolings, to investigate incidents and identify root causes
Familiarity with the implementation of authentication and federation mechanisms such as SAML, OAuth and OIDC and FIDO
Good technical foundation of Linux operating systems and its command line tools
Relevant academic background (e.g., Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field) or industry-recognized certifications (e.g. CISSP) with relevant practical knowledge is desired
Personal and Social
Team player, strong collaborator with the willingness to take ownership
Excellent communication skills in spoken and written form
Strong desire to learn and develop new skills
Methodical and results-driven approach to new challenges and tasks
Independent and self-driven
Ability to thrive in a globally distributed team environment
Regulatory
Good understanding of the technology regulatory framework in Singapore and Hong Kong
We are looking forward to receiving your full job application through our online application tool. Further interesting job opportunities can be found on our Career site.
Is this not quite what you are looking for? Set up a
job alert
by creating a candidate account here.
Seniority level
Seniority level Mid-Senior level
Employment type
Employment type Full-time
Job function
Job function Information Technology
Industries Banking
Referrals increase your chances of interviewing at Julius Baer by 2x
Sign in to set job alerts for “Application Security Engineer” roles.
Application Security Engineer- Global Payment
Security Engineer - Application/Product Security, APAC
Application Security Engineer (AAD) (Contract)
Application Security Engineer Graduate (Security Assurance) - 2026 Start (BS/MS)
Application Security Engineer Intern, Security Assurance - 2025 Start
Application Security Engineer Graduate (Security Assurance) - 2026 Start (BS/MS)
Senior Application Security Engineer (Bangkok based, relocation provided)
Senior/Staff Application Security Engineer (Bangkok based, relocation provided)
Web Application Security Engineer (CIAM & WAF) APAC
Cyber Security Solution Architect, Cybersecurity, Technology Con
Cyber Security Solution Architect, (Cyber Transformation & Operation)
VP/AVP, End User Collaborative Service (Engineering), Future Ready Technology, Group Technology
Executive Systems Analyst (Network Specialist)
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr

This advertiser has chosen not to accept applicants from your region.

Web Application Security Engineer APAC

Singapore, Singapore Bank Julius Bär & Co. Ltd.

Posted today

Job Viewed

Tap Again To Close

Job Description

At Julius Baer, we celebrate and value the individual qualities you bring, enabling you to be impactful, to be entrepreneurial, to be empowered, and to create value beyond wealth. Let’s shape the future of wealth management together.Julius Baer Group Ltd. acts in the sector Private Banking and is present in over 25 countries and around 60 locations. With the Headquartered in Zurich, we have offices in key locations including Bangkok, Dubai, Dublin, Frankfurt, Geneva, Hong Kong, London, Luxembourg, Madrid, Mexico City, Milan, Monaco, Mumbai, Santiago de Chile, São Paulo, Shanghai, Singapore, Tel Aviv and Tokyo. Join our global team and play a critical role in safeguarding our digital landscape as a Web Application Security Engineer. We're seeking a skilled expert to maintain and enhance the protection of our online platforms, ensuring the highest level of security for our clients worldwide.# **YOUR CHALLENGE***Main Job Responsibilities*** Work closely with our global team of engineers to ensure the smooth operation and maintenance of the Web Application Firewall (WAF) infrastructure* Enhance the security of web applications and APIs by implementing advanced protective measures on the WAF and configuring custom application-specific security policies* Onboard new web applications and APIs onto the WAF infrastructure, ensuring seamless integration and optimal security* Evaluate new or changed business requirements and assess their feasibility, as well as their impact on surrounding systems, standards, and guidelines* Troubleshoot technical issues related to WAF, identifying root causes and developing effective solutions* Participate in the 2nd and 3rd level support organization, providing on-duty support and collaborating with other teams to resolve incidents* Continuously improve the service reliability, security, performance, monitoring, and automation of the WAF infrastructure, with a focus on enhancing overall system availability and efficiency**Client Management (internal & external)*** Various IT functions, both regionally and globally* Local Legal and Compliance functions**Business Management*** Key local stakeholders include IT Service Owners, IT Infrastructure, IT Application Managers, IT Architecture and Project Managers* CRO functions – including Business Operational Risk, Information Security and Compliance functions* Global functions – IT Security Solutions, Security Architecture* Establish strong relationship with key stakeholders and across the internal IT**Regulatory Responsibilities &/OR Risk Management*** Ensure appropriate ethical and compliant behaviour within the area of responsibility by clear demonstration of appropriate values and behaviours including but not limited to standards on honesty and integrity, due care and diligence, fair dealing (treating customers fairly), management of conflicts of interest, competence and continuous development, adequate risk management, and compliance with applicable laws and regulations**RANK APPLICABLE TO THE POSITION*** Rank:
AD# **YOUR PROFILE***Professional and Technical*** Profound understanding of security best practices of web applications and APIs* Solid understanding of web communication protocols such as TLS, Websocket, etc* Hands-on operational experience with highly available and scalable web infrastructure* Hands-on experience with operating WAF or reverse-proxy solutions such as F5, Imperva, Nevis, Cloudflare, or open-source alternatives like ModSecurity* Experience in software engineering (Java, Spring Boot, React, Typescript) and operational experience with Kubernetes-based environments* Strong troubleshooting and structured problem-solving skills* Skilled in log analytics and correlation, with hands-on experience in Splunk, Elastic or similar toolings, to investigate incidents and identify root causes* Familiarity with the implementation of authentication and federation mechanisms such as SAML, OAuth and OIDC and FIDO* Good technical foundation of Linux operating systems and its command line tools* Relevant academic background (e.g., Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field) or industry-recognized certifications (e.g. CISSP) with relevant practical knowledge is desired**Personal and Social*** Team player, strong collaborator with the willingness to take ownership* Excellent communication skills in spoken and written form* Strong desire to learn and develop new skills* Methodical and results-driven approach to new challenges and tasks* Independent and self-driven* Ability to thrive in a globally distributed team environment**Regulatory*** Good understanding of the technology regulatory framework in Singapore and Hong KongWe are looking forward to receiving your full job application through our online application tool. Further interesting job opportunities can be found on our .**job alert** by creating a candidate account .**The** **international reference in wealth management**Julius Baer is the leading Swiss wealth management group. We focus on servicing and advising sophisticated private clients from around the world, taking into account what truly matters to them – in their business and personal life, today and for future generations.Headquartered in Zurich, we are present in around 60 locations worldwide, including Bangkok, Dubai, Dublin, Frankfurt, Geneva, Hong Kong, London, Luxembourg, Madrid, Mexico City, Milan, Monaco, Mumbai, Santiago de Chile, Shanghai, Singapore, Tel Aviv, and Tokyo.At Julius Baer our employees enjoy the benefits of a global company with the support and collegiality of a much smaller one. We are growing quickly, but we remain dedicated to maintaining our accessible structure with flat hierarchies, and approachable and supportive leaders.With offices around the world, we offer an international and stimulating work environment and the opportunity to work with a diverse team of highly motivated colleagues, bringing the best of the bank to our clients.
Our core values of Care, Passion, and Excellence define the tone of how we interact with each other and our partners. **Committed to your success**Whether nurturing young talent with our renowned apprentice scheme, enabling ambitious university graduates to put theory into practice with our Graduate Programme, or providing first-class opportunities for experienced professionals, we look after our employees. We believe in continuous learning as a company and as individuals, which is why we put a focus on the health and well-being of our employees and offer flexible working options, a wide array of benefits, and extensive career development programmes.For more information visit
or contact us via the
.For recruiting agents, please see the additional information .
#J-18808-Ljbffr

This advertiser has chosen not to accept applicants from your region.

Manager (Penetration Test & Vulnerability Assessment)

Singapore, Singapore $90000 - $120000 Y Ministry of Defence Singapore

Posted today

Job Viewed

Tap Again To Close

Job Description

MINDEF

Permanent

Closing on 21 Sep 2025

What the role is

You will play a pivotal role in safeguarding Singapore's defence and security interests by conducting comprehensive Penetration Testing (PT), Vulnerability Assessments (VA), and Source Code Security Reviews on IT assets, including infrastructure, web applications, and military applications.

What you will be working on

  • Conduct comprehensive Penetration Testing (PT), Vulnerability Assessments (VA), and Source Code Security Reviews on IT assets, including infrastructure, web applications, and military applications
  • Develop tailored security assessment tools and scripts to enhance testing capabilities and address evolving threat vectors
  • Document findings, conduct analysis, and prepare detailed technical reports, including executive summaries for various stakeholders
  • Collaborate with security engineers, developers, and other stakeholders to provide actionable guidance on remediating identified security risks and vulnerabilities
  • Provide expertise in the design and implementation of security controls across applications, infrastructure, and network systems
  • Develop and deliver specialised training and awareness programs to elevate the cybersecurity capabilities of the SAF personnel, with opportunities for growth in leadership and knowledge-sharing in the military cybersecurity context
  • Maintain up-to-date knowledge of emerging threats, security best practices, and industry-standard frameworks
    Challenge(s)
  • Maintaining consistent quality under time pressure
  • Quickly learning and troubleshooting various tools and platforms

What we are looking for

  • Education in Information Security, Computer Science, IT or a related field
  • Industry-recognised certifications such as CREST CRT, GPEN, or OSCP
  • At least 1 year of hands-on experience in conducting PT and VA, with a strong preference for experience in military or government-focused penetration testing
  • Experience conducting security assessments on application infrastructure, networks, and cloud-based systems
  • Strong understanding of web application, infrastructure, and network security architecture
  • Excellent communication and presentation skills, with a focus on conveying complex security findings to both technical and non-technical stakeholders
  • Ability to work independently and collaboratively within cross-functional teams
  • Highly analytical, self-driven, and committed to continuous learning and skill enhancement
  • Proficiency in scripting languages, such as Python, PowerShell, JavaScript, VBScript, Ruby, or Perl
  • Track record of identifying and disclosing vulnerabilities or recognition in Capture-The-Flag (CTF) competitions
  • Proficiency with tools such as BurpSuite, Metasploit, Nexpose, Nessus, and other industry-standard penetration testing and vulnerability assessment tools
    Appointment will be commensurate with your experience.
    Only shortlisted candidates will be notified.

About MINDEF

The mission of MINDEF and the Singapore Armed Forces is to enhance Singapore's peace and security through deterrence and diplomacy, and should these fail, to secure a swift and decisive victory over the aggressor.
The Defence Executive Officer (DXO) scheme is the non-uniformed career scheme of MINDEF that offers myriad opportunities in various job functions, such as corporate communications, cyber security, data analytics and visualisation, defence policy, finance, HR, psychology, and more. Embodying the same level of commitment towards defence, DXOs work together with their military counterparts to contribute to MINDEF/SAF's mission and ensure Singapore's security and stability. United by this common cause, our lines of defence complement each other to secure the prosperity and progress of our nation.

About your application process

This job is closing on 21 Sep 2025.

If you do not hear from us within 4 weeks of the job ad closing date, we seek your understanding that it is likely that we are not moving forward with your application for this role. We thank you for your interest and would like to assure you that this does not affect your other job applications with the Public Service. We encourage you to explore and for other roles within MINDEF or the wider Public Service.

This advertiser has chosen not to accept applicants from your region.

Application Security Engineer

Singapore, Singapore $102000 Y Horizon Corp

Posted today

Job Viewed

Tap Again To Close

Job Description

Job Description:

⦁ Overall Security solution Architect with 8 yrs of experience

⦁ Azure Certification, Security Specialty

⦁ Shall possess the necessary skills, knowledge and experience in the following areas:

⦁ Security management frameworks and governance.

⦁ Security risk analysis and management.

⦁ Security incident response and management; and

⦁ Technical expertise in Solution's platforms and technologies.

  1. The Application Security Engineer shall have at least a Diploma in Computer Studies, or related discipline, and three (3) years' experience as a Software Developer or Application Security Engineer.

  2. The Application Security Engineer's experience should include experience in identifying security risks, analyzing application vulnerabilities, and directing solutions for remediations. Relevant certifications such as "Certified Secure Software Lifecycle Professional" would be advantageous.

Job Type: Full-time

Pay: From $8,500.00 per month

This advertiser has chosen not to accept applicants from your region.

Application Security Engineer

$120000 - $240000 Y Monetary Authority of Singapore (MAS)

Posted today

Job Viewed

Tap Again To Close

Job Description

What the role is

We are seeking an experienced Application Security Engineer to be part of the Platforms Architecture & Engineering (PAE) and strengthen our organisation's security posture by implementing robust security measures throughout our software development lifecycle. The ideal candidate will work closely with development teams and operation teams to ensure security is embedded in our applications from design to deployment.

What you will be working on

In this position, you will:

  • Conduct security assessments, threat modelling, and code reviews to identify vulnerabilities in applications
  • Design and implement security controls, authentication mechanisms, and encryption solutions
  • Develop and maintain secure coding guidelines and security standards
  • Collaborate with development teams to remediate security issues and provide guidance on secure coding practices
  • Conduct security awareness training sessions for development teams
  • Monitor and respond to security incidents related to application vulnerabilities
  • Evaluate and implement security tools and technologies
  • Maintain documentation of security processes and procedures

What we are looking for

  • Bachelor's degree in Computer Science, Information Security, or related field
  • At least 3 years of experience in application security or software development with security focus
  • Strong knowledge of secure coding practices and OWASP Top 10 vulnerabilities
  • Proficiency in common programming languages (e.g., .Net Core, Java, Python, JavaScript)
  • Experience with security testing tools and methodologies
  • Understanding of cryptography, authentication, and authorisation protocols
  • Knowledge of common security frameworks and standards (ISO 27001, NIST, etc.)
  • Security certifications (CISSP, CEH, OSCP, or equivalent)
  • Experience with cloud security (AWS, Azure, GCP)
  • Knowledge of DevSecOps practices and tools
  • Familiarity with containerisation and microservices security
  • Strong analytical and problem-solving abilities
  • Excellent communication and collaboration skills
  • Experience with security incident response

As part of the shortlisting process for this role, you may be required to complete a medical declaration and/or undergo further assessment.

This is a 2-Year Contract. All applicants will be notified on whether they are shortlisted or not within 4 weeks of the closing date of this job posting.

This advertiser has chosen not to accept applicants from your region.
Be The First To Know

About the latest Web application security Jobs in Singapore !

Application Security Engineer

$100000 - $150000 Y Monetary Authority of Singapore (MAS)

Posted today

Job Viewed

Tap Again To Close

Job Description

What the role is

The Monetary Authority of Singapore (MAS) is Singapore's central bank and integrated financial regulator.

As central bank, MAS promotes sustained, non-inflationary economic growth through the conduct of monetary policy and close macroeconomic surveillance and analysis. It manages Singapore's exchange rate, official foreign reserves, and liquidity in the banking sector.

As an integrated financial supervisor, MAS fosters a sound financial services sector through its prudential oversight of all financial institutions in Singapore – banks, insurers, capital market intermediaries, financial advisors, and stock exchanges. It is also responsible for well-functioning financial markets, sound conduct, and investor education.

MAS also works with the financial industry to promote Singapore as a dynamic international financial centre. It facilitates the development of infrastructure, adoption of technology, and upgrading of skills in the financial industry.

Join us now, if you have a genuine interest in making an impact to help shape Singapore's economic and financial landscape.

What you will be working on

We are seeking an experienced Application Security Engineer to be part of the Application Architecture and Engineering Division (AAD) and strengthen our organisation's security posture by implementing robust security measures throughout our software development lifecycle. The ideal candidate will work closely with development teams and operation teams to ensure security is embedded in our applications from design to deployment.

In this position, you will:

  • Conduct security assessments, threat modelling, and code reviews to identify vulnerabilities in applications
  • Design and implement security controls, authentication mechanisms, and encryption solutions
  • Develop and maintain secure coding guidelines and security standards
  • Collaborate with development teams to remediate security issues and provide guidance on secure coding practices
  • Conduct security awareness training sessions for development teams
  • Monitor and respond to security incidents related to application vulnerabilities
  • Evaluate and implement security tools and technologies
  • Maintain documentation of security processes and procedures

What we are looking for

  • Bachelor's degree in Computer Science, Information Security, or related field
  • At least 3 years of experience in application security or software development with security focus
  • Strong knowledge of secure coding practices and OWASP Top 10 vulnerabilities
  • Proficiency in common programming languages (e.g., .Net Core, Java, Python, JavaScript)
  • Experience with security testing tools and methodologies
  • Understanding of cryptography, authentication, and authorisation protocols
  • Knowledge of common security frameworks and standards (ISO 27001, NIST, etc.)
  • Security certifications (CISSP, CEH, OSCP, or equivalent)
  • Experience with cloud security (AWS, Azure, GCP)
  • Knowledge of DevSecOps practices and tools
  • Familiarity with containerisation and microservices security
  • Strong analytical and problem-solving abilities
  • Excellent communication and collaboration skills
  • Experience with security incident response

As part of the shortlisting process for this role, you may be required to complete a medical declaration and/or undergo further assessment.

This contract will end in Dec 2029. All applicants will be notified on whether they are shortlisted or not within 4 weeks of the closing date of this job posting.

This advertiser has chosen not to accept applicants from your region.

Application Security Engineer

Singapore, Singapore $120000 - $180000 Y Assurity Trusted Solutions

Posted today

Job Viewed

Tap Again To Close

Job Description

Assurity Trusted Solutions (ATS) is a wholly owned subsidiary of the Government Technology Agency (GovTech). As a Trusted Partner over the last decade, ATS offers a comprehensive suite of products and services ranging from infrastructure and operational services, authentication services, governance and assurance services as well as managed processes. In a dynamic digital and cyber landscape, where trust & collaboration are key, ATS continues to drive mutually beneficial business outcomes through collaboration with GovTech, government agencies and commercial partners to mitigate cyber risks and bolster security postures.

You will be a member of the application security core center of competency under the Development & Innovation for Technology ProducTisation & Operations (DITTO) department.

You will provide application security consultancy and support to the application teams in areas such as security assessments, DevSecOps, security training and awareness to raise the application security level of competency and standards of our people and organisation.

Responsibilities

  • Plan the application security roadmap to improve the way application security is practiced in the organisation.
  • Develop secure application development practices, standards, guidelines, and solutions to raise the application security practices of our application teams.
  • Maintain various application security processes and automated source code scanning platform in the organisation.
  • Perform secure code quality reviews and conduct application penetration testing/vulnerability assessment.
  • Support various types of application testing and delivery (e.g. CI/CD) within the organisation.
  • Train and up-skill developers in the area of secure coding in various programming platforms such as Java, C#, PHP etc. and to write security acceptance criteria in user stories.
  • Train the applications team to write security unit tests and perform secure coding assessments.
  • Work with DevOps team to improve security in the CI/CD pipeline.

Requirements

  • At least 3-5 years combined work experience in software development, application security and cloud computing (e.g. Azure, AWS).
  • Experience in conducting manual secure source code review in at least one of the following programming platforms in both waterfall and Agile approach: Java, PHP, Javascript, C#, Android, iOS.
  • Experience in threat modelling and able to establish threat profiles for application projects to identify, quantify and remediate application security risks.
  • Experience working with mobile and web application programming interfaces (API) architecture (e.g. REST, SOAP, SSL/TLS).
  • Demonstrate knowledge in industry security best practices such as OWASP Top 10, OWASP application security verification standard.
  • Experience on using SAST code scanning tools such as Checkmarx, Sonarqube, etc.
  • Familiar with Agile Development process, CI/CD, DevOps concepts, tools (Git, Gitlab, Github, Jenkins, Ansible etc) and how automated security testing can be incorporated into CI/CI pipelines.
  • Collaborate extensively with various teams (application, networking, infrastructure) to maintain, establish and deliver application security services for the organisation.
  • Good verbal/written communications skills and experience interacting with various stakeholders.
  • Strong interest and passion for the field of application security.
  • Strong problem-solving and troubleshooting skills.
  • Self-reliant with an analytical and creative mind.
  • Experience working with industry APIs such as Apigee or equivalent.
  • Certification in CISSP (Certified Information Systems Security Professional)
  • DevOps related certifications e.g. Azure DevOps Engineer Expert or AWS DevOps Engineer
  • Offensive Security Certified Professional (OSCP), Offensive Security Web Expert (OWSE)
  • Experience in working with Government Commercial Cloud (GCC)

Join us and discover a meaningful and exciting career with Assurity Trusted Solutions

The remuneration package will commensurate with your qualifications and experience. Interested applicants, please click "Apply Now".

We thank you for your interest and please note that only shortlisted candidates will be notified.

By submitting your application, you agree that your personal data may be collected, used and disclosed by Assurity Trusted Solutions Pte. Ltd. (ATS), GovTech and their service providers and agents in accordance with ATS's privacy statement which can be found at: or such other successor site.

Benefits

  • A wholly-owned subsidiary of GovTech.
  • We promote a learning culture and encourage you to grow and learn.
This advertiser has chosen not to accept applicants from your region.

Application Security Engineer

Singapore, Singapore BYTEDANCE PTE. LTD.

Posted today

Job Viewed

Tap Again To Close

Job Description

About Us
Founded in 2012, ByteDance's mission is to inspire creativity and enrich life. With a suite of more than a dozen products, including TikTok, Lemon8, CapCut and Pico as well as platforms specific to the China market, including Toutiao, Douyin, and Xigua, ByteDance has made it easier and more fun for people to connect with, consume, and create content.
Why Join ByteDance
Inspiring creativity is at the core of ByteDance's mission. Our innovative products are built to help people authentically express themselves, discover and connect - and our global, diverse teams make that possible. Together, we create value for our communities, inspire creativity and enrich life - a mission we work towards every day.
As ByteDancers, we strive to do great things with great people. We lead with curiosity, humility, and a desire to make impact in a rapidly growing tech company. By constantly iterating and fostering an "Always Day 1" mindset, we achieve meaningful breakthroughs for ourselves, our Company, and our users. When we create and grow together, the possibilities are limitless. Join us.
Diversity & Inclusion
ByteDance is committed to creating an inclusive space where employees are valued for their skills, experiences, and unique perspectives. Our platform connects people from across the globe and so does our workplace. At ByteDance, our mission is to inspire creativity and enrich life. To achieve that goal, we are committed to celebrating our diverse voices and to creating an environment that reflects the many communities we reach. We are passionate about this and hope you are too.
About the Security Assurance Team at ByteDance
The team is missioned to build infrastructures, platforms and technologies, as well as to support cross-functional teams to protect our users, products and infrastructures. In this team, you'll have a unique opportunity to have first-hand exposure to the strategy of the company in key security initiatives, especially in building scalable and secure-by-design systems and solutions. Our challenges are not your regular day-to-day technical problems; you'll be part of a team that's developing new solutions to new challenges of a kind not previously addressed by big tech. It's working fast, at scale, and we're making a difference.
Responsibilities
- Provide security engineering support to product teams to help identify potential security flaws in the early stages of SDLC.
- Continuously design and conduct penetration testing to determine if infrastructure components, systems and applications meet security standards in the staging/production environment.
- Discover security issues that appear under new threat scenarios, support incident response, forensics, remediation in a cross-functional environment driving towards incident resolution.
- Collaborate closely with other parts of the security team and product teams to design defense-in-depth controls that limit attackers' ability and improve our security postures.
- To identify risks and actively take ownership to resolve any potential security project issues.
- Continuously conduct security research and strive to innovate.
Minimum Qualifications
- Background in Computer Science, Computer Engineering, Information Systems or other STEM disciplines.
- Strong knowledge in some of these various disciplines: web application security, mobile app security, cloud security and thick client security.
- Solid experience in writing and reviewing code in at least one of the following programming languages: JavaScript (Node JS), Go, Python, Java, C++, Rust.
- Good project management skills and focused teamwork.
Preferred Qualifications
- Experience in independent supporting the application security of a business line
- CTF players, BugBounty experience with reputable statistics in HackerOne, BugCrowd etc.
This advertiser has chosen not to accept applicants from your region.
 

Nearby Locations

Other Jobs Near Me

Industry

  1. request_quote Accounting
  2. work Administrative
  3. eco Agriculture Forestry
  4. smart_toy AI & Emerging Technologies
  5. school Apprenticeships & Trainee
  6. apartment Architecture
  7. palette Arts & Entertainment
  8. directions_car Automotive
  9. flight_takeoff Aviation
  10. account_balance Banking & Finance
  11. local_florist Beauty & Wellness
  12. restaurant Catering
  13. volunteer_activism Charity & Voluntary
  14. science Chemical Engineering
  15. child_friendly Childcare
  16. foundation Civil Engineering
  17. clean_hands Cleaning & Sanitation
  18. diversity_3 Community & Social Care
  19. construction Construction
  20. brush Creative & Digital
  21. currency_bitcoin Crypto & Blockchain
  22. support_agent Customer Service & Helpdesk
  23. medical_services Dental
  24. medical_services Driving & Transport
  25. medical_services E Commerce & Social Media
  26. school Education & Teaching
  27. electrical_services Electrical Engineering
  28. bolt Energy
  29. local_mall Fmcg
  30. gavel Government & Non Profit
  31. emoji_events Graduate
  32. health_and_safety Healthcare
  33. beach_access Hospitality & Tourism
  34. groups Human Resources
  35. precision_manufacturing Industrial Engineering
  36. security Information Security
  37. handyman Installation & Maintenance
  38. policy Insurance
  39. code IT & Software
  40. gavel Legal
  41. sports_soccer Leisure & Sports
  42. inventory_2 Logistics & Warehousing
  43. supervisor_account Management
  44. supervisor_account Management Consultancy
  45. supervisor_account Manufacturing & Production
  46. campaign Marketing
  47. build Mechanical Engineering
  48. perm_media Media & PR
  49. local_hospital Medical
  50. local_hospital Military & Public Safety
  51. local_hospital Mining
  52. medical_services Nursing
  53. local_gas_station Oil & Gas
  54. biotech Pharmaceutical
  55. checklist_rtl Project Management
  56. shopping_bag Purchasing
  57. home_work Real Estate
  58. person_search Recruitment Consultancy
  59. store Retail
  60. point_of_sale Sales
  61. science Scientific Research & Development
  62. wifi Telecoms
  63. psychology Therapy
  64. pets Veterinary
View All Web Application Security Jobs