Senior/Staff Application Security Analyst (Bangkok based, relocation provided)
We are seeking a Senior/Staff Application Security Analyst to join Agoda's Security Department in Bangkok.
The role focuses on identifying, analyzing, and remediating vulnerabilities across the environment, with hands-on experience in penetration testing and vulnerability management.
Responsibilities
- Develop Security Automation Tools to implement solutions at scale
- Triage security findings from multiple tools and coordinate remediation with hundreds of teams within defined SLAs
- Conduct security assessments through code reviews, vulnerability assessments, penetration testing, and risk analysis
- Research the negative effects of vulnerabilities and adjust security controls to prevent recurrence
- Identify potential threats to protect the organization from malicious actors, including Vulnerability Management, Bug Bounty Program, and Penetration Testing
- Develop Security Training for developers
- Collaborate with the DevSecOps team to integrate tools into CI/CD and fine-tune rules and precision
What you'll Need to Succeed
- 5+ years in the information security field
- 5+ years of experience with Penetration Testing (Web, Infra, Mobile, APIs, etc.) and Vulnerability Management
- Minimum 1 year of experience running a bug bounty platform
- Minimum 2 years of experience with cloud environments (e.g., OpenShift, Rancher, Kubernetes, AWS, GCP, Azure)
- Experience performing security testing, including code review and web application security testing
- Familiarity with GitLab, DefectDojo, Jira, Confluence
- Proficient in one or more programming languages (e.g., Python, Go, Node.js)
- Familiarity with analytics platforms and databases (GraphQL, REST APIs, PostgreSQL, MSSQL, Kafka, Hadoop, S3)
- Strong knowledge of security assessment tools and scanners (e.g., Nessus, Acunetix)
Nice to Have
- Knowledge in Container Image Security, Dependency Checking, Fuzzing, and License Scanning
- Familiarity with security incident response processes and 0-days
- Security Certifications
- Relocation package is provided for Bangkok, Thailand
- Hybrid working model
- WFH setup allowance
- Remote working up to 30 days per year
- Employee discounts and global benefits
Benefits & Environment
- Hybrid/remote-friendly policy
- Global team with diverse nationalities
- Health and life insurance, parental leave, and wellness subscriptions
- Employee assistance programs and CSR opportunities
Equal Opportunity Employer: Agoda is committed to employment practices that are fair and non-discriminatory.
We will keep your application on file and you may request removal at any time.
For more details, please read our privacy policy.
#J-18808-Ljbffr