Application Security Specialist
Job Summary
Job Description
As an Application Security Specialist at Coda, you will be responsible for ensuring the security of our systems and applications. This includes conducting vulnerability scanning, penetration testing, and designing secure software development lifecycles. You'll develop threat models, integrate security principles into application design, and define operational processes for code analysis tools. You will also review source code, perform vulnerability risk assessments, and manage the remediation lifecycle. The role involves handling externally reported vulnerabilities and working with developers to address security concerns. The ideal candidate has experience in bug bounty, vulnerability assessment, and software development. In this role you will ensure secure operation of our services and protect our users' data, while working alongside a talented and innovative team.
Must have:
- Conduct system vulnerability scanning to identify infrastructure vulnerabilities.
- Execute manual penetration testing and business logic flaw testing.
- Design the secure software development lifecycle.
- Develop threat modeling for systematic analysis.
- Integrate security principles into application design.
- Define operational processes for code analysis tools.
- Perform security review of source code.
- Perform vulnerability risk assessments.
- Conduct manual verifications of vulnerabilities.
- Manage the remediation lifecycle.
Good to have:
- Experience with software development and scripting.
- Familiarity with security tools like Burp Suite and Wireshark.
- Knowledge of programming and scripting languages.
- Knowledge of cloud security.
- Knowledge of container security.
- Knowledge of DevSecOps and security tools in CI/CD.
- OSCP, OSWE, AWS Certified Security - Specialty, or similar certifications.
- Experience with a tech or financial services company.
Perks:
- Wellness Boost: Resources for physical and mental well-being.
- Customized Benefits: Tailor your benefits with our flexible plan.
- Growth Opportunities: Clear progression paths.
- Skill Development: Access training resources.
- Volunteer Time Off: Paid time off for volunteering.
- Family Support: Paid Family Care Leave.
12 skills required
Job Details
What We Do
Coda delivers commerce solutions that accelerate global growth for our partners. With over a decade of experience, we’re trusted by 300+ publishers—including Activision, Bigo, Electronic Arts, Moonton, and Riot Games—to grow their revenue and audiences worldwide.
Our suite of solutions includes Custom Commerce, a fully customizable web store; Codapay, enabling seamless direct payments through API integration on publishers’ websites; Codashop, the go-to marketplace for millions of gamers to purchase in-game content; and Distribution, extending Codashop content through our network of trusted commerce partners.
Headquartered in Singapore with a team of 400+ Codans, Coda has been recognized as an industry leader, named an APAC High Growth Company (2023) by Financial Times, one of Granite Asia’s NextGenTech 30 (2024), a payments leader on Fortune’s Fintech Innovation Asia list (2024), and listed among The Straits Times Fastest Growing Fintechs (2024).
- Conduct system vulnerability scanning to identify infrastructure vulnerabilities in networks, systems, middleware and databases.
- Able to execute manual penetration testing and techniques to concentrate on business logic flaws and weaknesses exploitable by automated tools and scripts.
- Design the secure software development lifecycle to define the security requirements, control gates and go-live criteria.
- Develop threat modelling to perform a systematic analysis of weak areas or gaps from an attacker's perspective.
- Review and integrate security principles into the application design and concepts at the requirement gathering and design review stage.
- Define the operational processes for static and dynamic code analysis tools by integration into the CI/CD pipelines.
- Perform security review of source code and advise the developers in the area of input validation, authentication management, session management, access control, cryptography, error handling, secure file management, memory management and data protection.
- Perform vulnerability risk assessments to evaluate the likelihood and impacts of each vulnerability identified.
- Conduct manual verifications of vulnerabilities to reduce false positives and enhance the remediation efforts by shortening the remediation time frames.
- Manage the remediation lifecycle with a risk-based approach to ensure all vulnerabilities are remediated according to acceptable industry standards.
- Manage the end-to-end process of handling externally reported vulnerabilities.
Requirements
- Total experience of 5-7 years in cyber security.
- At least 3 years of experience in the areas of bug bounty, penetration testing and vulnerability assessment
- At least 2 years of experience in the area of vulnerability management
- At least 2 years of experience in the area of software development and scripting is a plus
- Familiarity with security tools such as Burp Suite, Wireshark, Tenable, NMap, SQLMap, Kali Linux
- Knowledge of programming and scripting languages and reviewing source code is a plus
- Knowledge of cloud security is a plus
- Knowledge of container security is a plus
- Knowledge of DevSecOps and security tools in CI/CD is a plus
- OSCP, OSWE, AWS Certified Security - Specialty, Google Professional Cloud Security Engineer, Microsoft Certified: Azure Security Engineer Associate, GPEN, and/or CREST certification is a plus
- Experience with a tech or financial services company is a plus
Working at Coda
With Codans spread across over 20 countries worldwide, our fast-paced, challenging, and highly collaborative environment breaks down time zones and cultural barriers, empowering you to chase innovative ideas, contribute to Coda’s growth, and make a lasting impact.
If you have a passion for pushing boundaries and thrive on continuous improvement through experimentation, we would love to hear from you!
Our Perks*
Wellness Boost: Stay healthy with resources for physical and mental well-being with our flexible benefits and Employee Well-being Program - because you matter!
Customized Benefits: Tailor your benefits with our flexible plan.
Growth Opportunities: Unlock your potential through clear progression paths.
Skill Development: Access training resources to fuel your personal and professional growth.
Volunteer Time Off: Enjoy paid time off to make a difference in the world through volunteering.
Family Support: Take advantage of paid Family Care Leave to bond with your family, while our selected Flexible Benefits also cater to your family's needs.
*Benefits are reviewed and updated on a yearly basis
We are proud to be an equal opportunity employer, embracing the unique qualities of every individual, regardless of gender, race, age, religion, disability, or other local protected classes. Our goal is to foster an inclusive environment where everyone feels welcome and valued.
Due to the large number of exceptional applications we receive, we can only reach out to shortlisted candidates. If you don't hear from us, rest assured there may be another opportunity at Coda that aligns better with your unique abilities. Remember to check our Careers Page for more exciting job openings!
Similar Jobs
bytedance
Singapore (On-Site)
• 7 Months ago
MixMob
Vancouver, British Columbia, Canada (Remote)
• 10 Months ago
Get notifed when new similar jobs are uploaded
Similar Skill Jobs
McDonald's Corporation
Mexico City, Mexico City, Mexico (On-Site)
• 4 Months ago
The Walt Disney Company
Glendale, California, United States (On-Site)
• 2 Months ago
Wind River
Bengaluru, Karnataka, India (On-Site)
• 2 Weeks ago
Get notifed when new similar jobs are uploaded
Jobs in Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia
Base Fx
Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
• 3 Weeks ago
Western Digital
Bayan Lepas, Penang, Malaysia (On-Site)
• 2 Weeks ago
PwC
Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
• 8 Months ago
OKX
Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
• 2 Weeks ago
Streamline Media Group Inc
Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
• 5 Months ago
Xsolla
Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (Hybrid)
• 2 Months ago
Get notifed when new similar jobs are uploaded
Similar Category Jobs
Looks like we're out of matches
Set up an alert and we'll send you similar jobs the moment they appear!
