Engineering

Security Engineer

Bangkok, or Jakarta   |   Full Time

 

Are OWASP, MITRE, CVEs top of mind for you? Do you enjoy educating others about secure coding practices and shifting security left? If you have experience securing large cloud-native user-facing platforms, we're looking for you.

 

Honest is growing our engineering team and we're looking to bring on board our first Security Engineer. As the first team member dedicated to security, you'll have the opportunity to make sure security is at the core of our thinking and our platform. You will set and enforce security practices and standards across our organization.

 

How you will make an impact:

 

  • Play a lead role in developing and designing application-level security controls and standards

  • Perform application security design reviews against new products and services

  • Track and prioritize all security issues, develop and implement an incident response plan

  • Build or buy security tools that help fix security problems at scale

  • Perform code review and drive remediation of discovered issues

  • Enable automated security testing at scale to measure vulnerability, and report on risk across all services and applications, internal and external

What you need to have:

  • Strong foundations in software engineering in a cloud-native context

  • Experience or working knowledge of modern development, test, and deployment models

  • Expertise in application security domain and architecture design

  • Understanding of application security in context of SDLC and CI-CD

  • In-depth knowledge of common web application vulnerabilities (i.e. OWASP Top 10)

  • Understanding of OWASP MASVS and ASVS or other relevant standards (we value effectiveness over abbreviations!)

  • Working knowledge on exploiting and fixing application vulnerabilities

  • Proficient in one or more programming languages such as Python, Go, Node.js, etc

  • Familiarity with industry standard secure design models

 

What makes you stand out:

  • Strong background in threat modeling, experience red/blue/purple-teaming

Submit Your Application

You have successfully applied
  • You have errors in applying