Application Security Engineer (Pentester/ Code Reviewer)

Crypto.com

  • Singapore
  • Permanent
  • Full-time
  • 2 months ago
Singapore, SingaporeSecurity - Application Security // HybridThe Cybersecurity and Data Privacy team reports directly under the office of the CISO headed by Chief Information Security Officer (CISO) Jason Lau ( ) who has over 23+ years of experience in the cybersecurity space, awarded Global Top 100 CISO, and also serves on the World Economic Forum, International Association of Privacy Professionals and more.The team comprises of multiple functions from Blockchain Security, Operational Security, Security Governance and Compliance and more. We drive a culture of having a growth mindset and being humble to help everyone achieve their potential. Security and Data Privacy Compliance first strategy which has been at the core of our company. The security team helped to drive us to be the first Crypto company worldwide to achieve ISO27001, ISO27701, ISO22301 and PCI:DSS 3.2.1 (Level 1) certifications. Extremely detailed third party attested by international audit firm SGS and achieved "Adaptive (Tier 4)” - the highest level possible for the US National Institute of Standards and Technology (NIST) Cybersecurity Framework and the latest NIST Privacy Framework as well as SOC2 and many other regional certifications like the Data Protection Trust Mark.Responsibilities
  • Discover security vulnerabilities through design review, manual source code review, and follow up on the remediation process
  • Use automated tools to find security vulnerabilities in source code and/or system
  • Participant in relevant agile scrum meetings and provide professional recommendations on the design of security controls, libraries, and/or protocols
  • Conduct secure coding training sessions
  • Implement various security control verification and risk detection by developing our own automation system
  • Implement security related libraries for internal use
  • Provide support on application level security monitoring, intrusion detection, and incident response
Requirements
  • Either 1-4 years of software development experience focusing on Server Side development, OR 1-4 years of experience in web-api and mobile app penetration.
  • A deep understanding of OWASP Top 10 and the ability to spot and address logic flaws
  • Good understanding of the whole software development lifecycle, CI/CD tools, cloud, Kubernetes, and various and technology stacks
  • Security-related certificates such as OSCP, CREST, CISSP, and CLSSP are definitely an advantage
  • Proficiency in both spoken and written English. Being able to speak Mandarin will be an advantage
#Hybrid#LI-MK1Life @Empowered to think big. Try new opportunities while working with a talented, ambitious and supportive team.Transformational and proactive working environment. Elevate employees to find thoughtful and innovative solutions.Growth from within. We help to develop new skill-sets that would impact the shaping of your personal and professional growth.Work Culture. Our colleagues are some of the best in the industry; we are all here to help and support one another.One cohesive team. Engage stakeholders to achieve our ultimate goal - Cryptocurrency in every wallet.Are you ready to kickstart your future with us?BenefitsCompetitive salaryMedical insurance package with extended coverage to dependentsAttractive annual leave entitlement including: birthday, work anniversaryWork Flexibility Adoption. Flexi-work hour and hybrid or remote set-upAspire career alternatives through us. Our internal mobility program can offer employees a diverse scope.Work Perks: visa card provided upon joiningOur benefits packages vary depending on region requirements, you can learn more from our talent acquisition team.About :Founded in 2016, serves more than 80 million customers and is the world's fastest growing global cryptocurrency platform. Our vision is simple: Cryptocurrency in Every Wallet™. Built on a foundation of security, privacy, and compliance, is committed to accelerating the adoption of cryptocurrency through innovation and empowering the next generation of builders, creators, and entrepreneurs to develop a fairer and more equitable digital ecosystem.Learn more at .is an equal opportunities employer and we are committed to creating an environment where opportunities are presented to everyone in a fair and transparent way. values diversity and inclusion, seeking candidates with a variety of backgrounds, perspectives, and skills that complement and strengthen our team.Personal data provided by applicants will be used for recruitment purposes only.Please note that only shortlisted candidates will be contacted.

Crypto.com

Similar Jobs

  • Senior Mobile Application Security Engineer

    Ambition

    • Singapore
    Senior Mobile Application Security Engineer wanted for a leading Cryptocurrency and Derivatives Exchange Firm! Leading Cryptocurrency and Derivatives Exchange Firm Dynamic and …
    • 21 days ago

  • Application Security Engineer Intern

    SPH Media

    • Toa Payoh, Singapore
    Aligned with the evolution of the media landscape and our ambition to be a relentless creator of quality content and experiences, our brand refresh is yet another milestone for SPH…
    • 12 days ago

  • SENIOR APPLICATION SECURITY ENGINEER

    Raytheon Technologies

    • Changi, Singapore
    Date Posted: 2021-09-30-07:00 Country: Singapore Location: 39 Changi North Crescent, Singapore Position Title: Senior Application Engineer Engineer Position Grade: P3/ …
    • 2 months ago