Application Security EngineerCÔNG TY TNHH CỐC CỐC

Ngành nghề: IT phần mềm, IT phần cứng/mạng

Thu nhập: Thỏa thuận

Hình thức: Toàn thời gian

Ngày đăng: 14/11/2024

Hạn nộp: 14/12/2024

Ứng tuyển

Phản ánh

As a Middle to Senior Application Security Engineer at Cốc Cốc, you will play a pivotal role in safeguarding our applications by implementing security best practices, identifying vulnerabilities, and driving continuous improvement in our secure development life cycle. You will collaborate closely with development, DevOps, and IT teams to integrate security practices at every stage of the software development process.

RESPONSIBILITIES

Application Security Assessments: Perform regular vulnerability assessments, security code reviews, and penetration tests to identify and mitigate risks in web and mobile applications.
Secure Software Development Lifecycle (SDLC): Integrate security best practices and automated security testing within the SDLC, including threat modeling, static and dynamic code analysis, and vulnerability scanning.
Automation and Tooling: Enhance security through automation, leveraging security tools for continuous integration (CI/CD), and developing scripts or custom solutions for repetitive security tasks.
Training & Awareness: Conduct security training and awareness sessions for developers, empowering them with secure coding practices and knowledge of the latest security trends.
Documentation: Maintain thorough and up-to-date documentation of security policies, procedures, and assessments.
Security Design Reviews: Work with development and product teams to conduct security design reviews for new features and architectures, ensuring they align with security policies and best practices.
Incident Response: Assist with incident response efforts related to application security issues, perform root cause analysis, and provide guidance for remediation.
Threat Intelligence & Monitoring: Stay updated on the latest security threats, vulnerabilities, and industry trends, and incorporate relevant intelligence into security assessments.

REQUIREMENTS

Experience: 3+ years (Middle) / 5+ years (Senior) in application security, with hands-on experience in secure software development, security assessment, and vulnerability management.

Technical Skills:

Strong understanding of application security principles, vulnerabilities (e.g., OWASP Top 10, SANS 25), and mitigation strategies.
Proficiency in languages like Python, JavaScript, or other programming languages relevant to Coc Coc's tech stack.
Experience with security tools such as Burp Suite, OWASP ZAP, Snyk, Fortify, or equivalent.
Familiarity with CI/CD pipelines and integrating security into DevOps processes.
Certifications (Preferred): Relevant security certifications (e.g., OSCP, CISSP, CEH, or GWAPT) are a plus.

Soft Skills: Strong analytical skills, attention to detail, and excellent communication abilities to effectively work with cross-functional teams.

HIRING PROCESS

Phone Screening > Onsite Interviews > Offering

WHY YOU'LL LOVE WORKING FOR CỐC CỐC

Few countries have local challengers in the search and browser space. Vietnam is one of those countries thanks to Cốc Cốc. There are a lot of challenges in competing against dominant global players, but also lots of rewards when we succeed.

Competitive benefits:

Competitive salary and bonus scheme with a 13th month salary.
Performance review twice/year with opportunity to grow or rotate internally.
Special annual leave policy with minimum 19 days/year, plus 1 day off on your birthday.
Annual WFH policy.
Advanced 24/7 Health Insurance for all employees.
Great Trade Union benefits such as birthdays, marriage, new born child...

Professional growth:

Opportunities to learn and grow through regular training programs, coaching and internal sharing.
Work in a diverse environment with talented colleagues and partners/customers, local and expats.

Positive workplace:

Different exciting internal events to make you part of the Cốc Cốc family.
Cozy pantry with plenty of snacks, juice and coffee/tea every day.
Many interesting hobby clubs to share your passions like English Club, Yoga, Billard or Football.

Nộp hồ sơ ngay

Giới thiệu công ty

CÔNG TY TNHH CỐC CỐC việc làm

Thương lượng

03/12/2024

Vị trí Application Security Engineer do công ty CÔNG TY TNHH CỐC CỐC tuyển dụng tại , Joboko tự động tổng hợp mức lương Thỏa thuận, tìm thêm việc làm về Application Security Engineer hoặc công ty CÔNG TY TNHH CỐC CỐC ở các link phía trên

Giới thiệu công ty