Senior / Staff Application Security Analyst (Bangkok based, relocation provided)

Overview

Senior / Staff Application Security Analyst (Bangkok based, relocation provided) Join to apply for the

Senior / Staff Application Security Analyst (Bangkok based, relocation provided)

role at

Agoda About Agoda Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with a global network of 4.7M hotels and holiday properties worldwide, plus flights, activities, and more. Based in Asia and part of Booking Holdings, our 7,100+ employees representing 95+ nationalities in 27 markets foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership, enhancing the ability for our customers to experience the world. The Security Department oversees security, governance, risk management, and compliance, and security operations for all Agoda. We are vigilant in ensuring there is no breach or vulnerability threatening our company or endangering our employees to keep Agoda safe and protected. This would be a great challenge for those who want to work with the best technology in a dynamic and advanced environment.

Responsibilities

As a Security Analyst, you will focus on identifying, analyzing, and remediating vulnerabilities across our environment. You will be hands-on with penetration testing and vulnerability management, ensuring our systems remain secure and resilient.

Develop Security Automation Tools to implement solutions at scale

Triage security findings from multiple tools and work with hundreds of teams to get them remediated within the right SLA

Conduct security assessments through code reviews, vulnerability assessments, penetration testing and risk analysis

Research on the negative effects of a vulnerability, from minimizing the impact to altering security controls for future prevention

Identify potential threats so that the organization can protect itself from malicious hackers. This includes Vulnerability Management, Bug Bounty Program, Penetration Testing

Be responsible for developing Security Trainings for developers

Work with DevSecOps team in integration of tools into CI / CD, as well as fine-tune the rules and precision

What you'll Need to Succeed

5+ years in the information security field

5+ years of experience with Penetration Testing (Web, Infra, Mobile, APIs etc.) and Vulnerability Management

Minimum 1 year of experience running a bug bounty platform

Minimum 2 years of experience with any of public / private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.)

Experience performing security testing, e.g. code review and web application security testing

Familiarity with Gitlab, Defectdojo, JIRA, Confluence

Proficient in one or more programming languages such as Python, Go, Node.js

Familiar with analytics platform and databases such as GraphQL, REST APIs, Postgres, MSSQL, Kafka, Hadoop, S3

Strong knowledge of Security Assessment tools such as security scanners (Nessus, Acunetix and similar platforms) and fuzzers

Nice to have

Knowledge in Container Image Security, Dependency Checking, Fuzzing and License Scanning

Familiarity with security incident response processes and 0-days

Security Certifications

Relocation package is provided in case you prefer to relocate to Bangkok, Thailand

Hybrid Working Model

WFH Set Up Allowance

30 Days of Remote Working from anywhere globally every year

Employee discount for accommodation globally

Global team of 90+ nationalities

40+ offices and 25+ countries

Annual CSR / Volunteer Time off

Benevity Subscription for employee donations

Volunteering opportunities globally

Free Headspace subscription

Free Odilo & Udemy subscriptions

Access to Employee Assistance Program (third party for personal and workplace support)

Enhanced Parental Leave

Life, TPD & Accident Insurance

#bangalore #kolkata #singapore #riyadh #jeddah #medina #madrid #barcelona #london #edinburgh #paris #toronto #telaviv #saopaolo #melbourne #cairo #dubai #abudhabi #sharjah #chicago #newyork #sydney #bucharest #mumbai #newdelhi #pune #dublin #berlin #sanjose #moscow #saintpetersburg #munich #cairo #alexandria #giza #shanghai #beijing #shenzhen

Equal Opportunity Employer

At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics.

Disclaimer : We do not accept unsolicited CVs from agencies. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee.

#J-18808-Ljbffr