Senior/Staff Application Security Engineer; Bangkok
Senior/Staff Application Security Engineer (Bangkok based, relocation provided)
We are seeking a Senior/Staff Application Security Engineer based in Bangkok with relocation provided. The Security Department oversees security, compliance, GRC, and security operations for Agoda. We are looking for someone who can help ensure there are no breaches or vulnerabilities that could threaten the company or its employees.
Responsibilities- Conduct application security reviews and perform penetration testing, ensuring alignment with compliance standards.
- Engage in security projects, research, and tool development to enhance security measures and meet compliance requirements.
- Scale security processes using automation.
- Provide training, outreach, and develop documentation to guide security practices among internal teams.
- Offer technical guidance, advocate for automation, evaluate designs, and lead security teams to empower engineering partners with cutting-edge tools, techniques, and methodologies to build secure products.
- Strong foundations in secure design reviews, threat modeling experience, code reviews, and pen-testing.
- Minimum of 3 years of technical experience with threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration, and network security.
- Minimum 2 years of experience with Software Development Life Cycle in any of:
Go, Python, Node.js, Rust, etc. - Experience with public/private cloud environments (Open Shift, Rancher, Kubernetes, AWS, GCP, Azure, etc.).
- Knowledge of security principles, compliance regulations, and change management.
- Experience in running assessments using OWASP MASVS and ASVS.
- Working knowledge of exploiting and fixing application vulnerabilities.
- Proven expertise in architectural threat modeling and conducting secure design reviews.
- In-depth knowledge of common web application vulnerabilities (OWASP Top 10, SANS Top 25).
- Familiarity with automated dynamic scanners, fuzzers, and proxy tools.
- Analytical problem-solving skills and familiarity with offensive security tactics.
- Excellent communication skills, both verbal and written, to convey technical concepts to diverse audiences.
- Exposure to advanced AI and Large Language Model (LLM) security.
- Relocation package is provided for Bangkok, Thailand.
- Hybrid working model
- Work-from-home setup allowance
- 30 days of remote working from anywhere globally each year
- Employee discount for accommodation globally
- Global team of 90+ nationalities
- 40+ offices and 25+ countries
- Annual CSR / Volunteer Time Off
- Benevity subscription for employee donations
- Volunteering opportunities globally
- Headspace, Odilo & Udemy subscriptions
- Employee Assistance Program (third party)
- Enhanced Parental Leave
- Life, TPD & Accident Insurance
Equal Opportunity
Employer:
Agoda is committed to equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, or other protected characteristics. All applicants will be considered on merit and qualifications. We may keep your application on file for future vacancies unless you request otherwise. For more details, please read our privacy policy.
Disclaimer:
We do not accept unsolicited third-party or agency submissions. If we receive such submissions, we reserve the right to contact and hire the candidate directly without any recruitment fee obligation.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).