Application Security Analyst (Web Application)

RECRUIT EXPRESS PTE LTD

  • Policy & Procedures: Engage with the relevant stakeholders to establish and review corporate policy and procedures governing the secure development of applications.
  • Security Architecture & Design: Participate in "Shift Left" initiatives by performing threat modeling and architectural risk assessments during the design phase.
  • Vulnerability Management: Conduct regular SAST (Static), DAST (Dynamic), and SCA (Software Composition Analysis) scanning. Prioritize and triage results for development teams.
  • Code Review: Perform manual secure code reviews to identify logic flaws and vulnerabilities (OWASP Top 10) that automated tools might miss.
  • DevSecOps Integration: Assist in automating security checkpoints within CI/CD pipelines (e.g., Jenkins, GitLab CI, GitHub Actions).
  • Remediation Guidance: Act as a consultant to developers, providing clear, actionable advice and code snippets to fix identified security gaps.
  • Training & Advocacy: Lead "Security Champion" programs and conduct secure coding workshops to foster a security-first culture.

QUALIFICATIONS AND EXPERIENCES

  • Education: Bachelor’s degree in Computer Science, Cybersecurity, or a related technical field (or equivalent experience).
  • Experience: 3+ years in application security, penetration testing, or secure software development.

Technical Skills

  • Proficiency in at least one major language (e.g., Java, Python, JavaScript, or C#).
  • Deep understanding of web application vulnerabilities (SQLi, XSS, CSRF, SSRF).
  • Experience with security tools like Burp Suite, Checkmarx, Snyk, or Veracode.
  • Familiarity with container security (Docker/Kubernetes) and Cloud environments (AWS/Azure/GCP).
  • Certifications (Preferred): CSSLP, GWEB, CASE, or OSCP.

Core Competencies

  • Analytical Thinking: Ability to think like an attacker to foresee potential bypasses in application logic.
  • Communication: Exceptional ability to translate complex security risks into business impact for non-technical stakeholders.
  • Collaboration: A "builder" mindset—focused on enabling developers to work fast and securely, rather than just acting as a gatekeeper.

Interested applicants please send your resume to ***email_hidden***

Venessa Goh Wee Ni

R24124686

Recruit Express Pte Ltd

EA License No: 99C4599

We regret that only shortlisted candidates will be contacted.