FPT Software

M03 - IT Security Officer (Application Security)

FPT Software  •  Singapore, SG (Onsite)  •  3 hours ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description

We are seeking an experienced Application Security Consultant to drive secure application development practices, perform security assessments, and support cloud security initiatives. The ideal candidate will have strong expertise in application security, secure SDLC, DevSecOps, threat modelling, and cloud technologies.

Responsibilities


  • Perform application security assessments and reviews for web, mobile, and cloud-based applications.

  • Conduct threat modelling exercises to identify, assess, and mitigate application security risks.

  • Establish threat profiles and recommend security controls for application projects.

  • Track, manage, and remediate security vulnerabilities through timely patching and remediation processes.

  • Integrate security best practices and automated security testing into CI/CD pipelines.

  • Conduct security awareness training and promote secure coding practices across development teams.

  • Collaborate with developers, engineers, and stakeholders to strengthen application security posture.

  • Support security governance, risk management, and compliance initiatives.

Requirements


  • Minimum 4 years of combined experience in software development, application security, and cloud computing (AWS preferred).

  • Strong understanding of web and mobile application architectures and APIs, including REST, SOAP, SSL/TLS.

  • Experience in threat modelling and application security risk assessment.

  • Strong knowledge of application security standards and frameworks, including:

    • OWASP Top 10

    • OWASP Application Security Verification Standard (ASVS)

  • Familiarity with Agile development methodologies, DevOps practices, and CI/CD pipelines.

  • Experience integrating security testing into development workflows.

  • Hands-on experience with SAST (Static Application Security Testing) tools such as:

    • Fortify on Demand

    • SonarQube

    • Similar security scanning platforms

  • Strong analytical, troubleshooting, and problem-solving skills.

  • Excellent communication and stakeholder management skills.

  • Ability to work independently and collaboratively within cross-functional teams.

Preferred Qualifications


  • Professional certifications such as:

    • CISSP

    • OSCP

    • AWS Security Specialty

    • AWS DevOps Engineer

    • Equivalent cybersecurity certifications

  • Experience working with Government Commercial Cloud (GCC) environments.

Key Skills

Application Security | DevSecOps | Threat Modelling | OWASP Top 10 | OWASP ASVS | AWS Security | CI/CD | SAST | Fortify | SonarQube | REST API | SOAP | SSL/TLS | GitLab | GitHub | Ansible | Cloud Security | Vulnerability Management | Secure SDLC | Security Awareness Training | GCC Cloud Environment

FPT Software

About FPT Software

FPT Software, a subsidiary of FPT Corporation, is a global technology and IT services provider headquartered in Vietnam, with USD 1.22 billion in revenue (2024) and over 33,000 employees in 30 countries.

Embracing an AI-first approach, FPT Software enables breakthrough speed, scalability and quality through AI-powered services and solutions and an AI-augmented workforce. It has partnered with over 1,100 clients worldwide, more than 130 of which are Fortune Global 500 companies in Aviation, Automotive, Banking, Financial Services and Insurance, Healthcare, Logistics, Manufacturing, Utilities, and more.

For more information, please visit https://fptsoftware.com/.

Industry
IT & Software
Company Size
10,000+ employees
Headquarters
Hanoi, VN
Year Founded
Unknown
Website
fpt-software.com
Social Media