Application Security Analyst #IFL

RECRUIT EXPRESS PTE LTD

Overview

This role is a critical bridge between the Cybersecurity and Software Engineering teams.

You will ensure that security is not an afterthought but a foundational component of the Software Development Life Cycle (SDLC). Guided by the enterprise's Secure Software Development Framework, your mission is to find, fix, and prevent vulnerabilities in our proprietary software before they can be exploited.

Job Responsibilities

  • Policy & Procedures

    Engage with relevant stakeholders to establish and review corporate policies and procedures governing the secure development of applications.
  • Security Architecture & Design

    Participate in "Shift Left" initiatives by performing threat modeling and architectural risk assessments during the design phase.
  • Vulnerability Management

    Conduct regular security scans, including SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing) and SCA (Software Composition Analysis). Prioritize and triage scan results for development teams.
  • Code Review

    Perform manual secure code reviews to identify logic flaws and vulnerabilities, including those outlined in the OWASP Top 10, that automated tools may miss.
  • DevSecOps Integration

    Assist in automating security checkpoints within CI/CD pipelines, such as: Jenkins, GitLab CI, GitHub Actions
  • Remediation Guidance

    Act as a security consultant to developers by providing clear, actionable remediation advice and code examples to address identified security gaps.
  • Training & Advocacy

    Lead Security Champion programs.Conduct secure coding workshops to foster a security-first culture across development teams.

Technical Skills

  • Proficiency in at least one major language (e.g., Java, Python, JavaScript, or C#).
  • Deep understanding of web application vulnerabilities (SQLi, XSS, CSRF, SSRF).
  • Experience with security tools like Burp Suite, Checkmarx, Snyk, or Veracode.
  • Familiarity with container security (Docker/Kubernetes) and Cloud environments (AWS/Azure/GCP).
  • Certifications (Preferred): CSSLP, GWEB, CASE, or OSCP.

Interested applicants, please Email, ***email_hidden***

Fabian Ling Tuong Liing

R25129353

Recruit Express Pte Ltd

EA Licence No: 99C4599

We regret that only shortlisted candidates will be contacted.