Application Security Specialist

10 Hours ago • 5-7 Years

Job Summary

Job Description

As an Application Security Specialist at Coda, you will be responsible for ensuring the security of our systems and applications. This includes conducting vulnerability scanning, penetration testing, and designing secure software development lifecycles. You'll develop threat models, integrate security principles into application design, and define operational processes for code analysis tools. You will also review source code, perform vulnerability risk assessments, and manage the remediation lifecycle. The role involves handling externally reported vulnerabilities and working with developers to address security concerns. The ideal candidate has experience in bug bounty, vulnerability assessment, and software development. In this role you will ensure secure operation of our services and protect our users' data, while working alongside a talented and innovative team.
Must have:
  • Conduct system vulnerability scanning to identify infrastructure vulnerabilities.
  • Execute manual penetration testing and business logic flaw testing.
  • Design the secure software development lifecycle.
  • Develop threat modeling for systematic analysis.
  • Integrate security principles into application design.
  • Define operational processes for code analysis tools.
  • Perform security review of source code.
  • Perform vulnerability risk assessments.
  • Conduct manual verifications of vulnerabilities.
  • Manage the remediation lifecycle.
Good to have:
  • Experience with software development and scripting.
  • Familiarity with security tools like Burp Suite and Wireshark.
  • Knowledge of programming and scripting languages.
  • Knowledge of cloud security.
  • Knowledge of container security.
  • Knowledge of DevSecOps and security tools in CI/CD.
  • OSCP, OSWE, AWS Certified Security - Specialty, or similar certifications.
  • Experience with a tech or financial services company.
Perks:
  • Wellness Boost: Resources for physical and mental well-being.
  • Customized Benefits: Tailor your benefits with our flexible plan.
  • Growth Opportunities: Clear progression paths.
  • Skill Development: Access training resources.
  • Volunteer Time Off: Paid time off for volunteering.
  • Family Support: Paid Family Care Leave.

Job Details

What We Do

Coda delivers commerce solutions that accelerate global growth for our partners. With over a decade of experience, we’re trusted by 300+ publishers—including Activision, Bigo, Electronic Arts, Moonton, and Riot Games—to grow their revenue and audiences worldwide.

Our suite of solutions includes Custom Commerce, a fully customizable web store; Codapay, enabling seamless direct payments through API integration on publishers’ websites; Codashop, the go-to marketplace for millions of gamers to purchase in-game content; and Distribution, extending Codashop content through our network of trusted commerce partners.

Headquartered in Singapore with a team of 400+ Codans, Coda has been recognized as an industry leader, named an APAC High Growth Company (2023) by Financial Times, one of Granite Asia’s NextGenTech 30 (2024), a payments leader on Fortune’s Fintech Innovation Asia list (2024), and listed among The Straits Times Fastest Growing Fintechs (2024).

For more on how Coda helps publishers grow faster and smarter, visit coda.co.

    • Conduct system vulnerability scanning to identify infrastructure vulnerabilities in networks, systems, middleware and databases.
    • Able to execute manual penetration testing and techniques to concentrate on business logic flaws and weaknesses exploitable by automated tools and scripts. 
    • Design the secure software development lifecycle to define the security requirements, control gates and go-live criteria.
    • Develop threat modelling to perform a systematic analysis of weak areas or gaps from an attacker's perspective. 
    • Review and integrate security principles into the application design and concepts at the requirement gathering and design review stage.
    • Define the operational processes for static and dynamic code analysis tools by integration into the CI/CD pipelines. 
    • Perform security review of source code and advise the developers in the area of input validation, authentication management, session management, access control, cryptography, error handling, secure file management, memory management and data protection.
    • Perform vulnerability risk assessments to evaluate the likelihood and impacts of each vulnerability identified. 
    • Conduct manual verifications of vulnerabilities to reduce false positives and enhance the remediation efforts by shortening the remediation time frames.
    • Manage the remediation lifecycle with a risk-based approach to ensure all vulnerabilities are remediated according to acceptable industry standards.
    • Manage the end-to-end process of handling externally reported vulnerabilities.

Requirements

    • Total experience of 5-7 years in cyber security.
    • At least 3 years of experience in the areas of bug bounty, penetration testing and vulnerability assessment
    • At least 2 years of experience in the area of vulnerability management
    • At least 2 years of experience in the area of software development and scripting is a plus
    • Familiarity with security tools such as Burp Suite, Wireshark, Tenable, NMap, SQLMap, Kali Linux
    • Knowledge of programming and scripting languages and reviewing source code is a plus
    • Knowledge of cloud security is a plus
    • Knowledge of container security is a plus 
    • Knowledge of DevSecOps and security tools in CI/CD is a plus
    • OSCP, OSWE, AWS Certified Security - Specialty, Google Professional Cloud Security Engineer, Microsoft Certified: Azure Security Engineer Associate, GPEN, and/or CREST certification is a plus
    • Experience with a tech or financial services company is a plus
Working at Coda

With Codans spread across over 20 countries worldwide, our fast-paced, challenging, and highly collaborative environment breaks down time zones and cultural barriers, empowering you to chase innovative ideas, contribute to Coda’s growth, and make a lasting impact.

If you have a passion for pushing boundaries and thrive on continuous improvement through experimentation, we would love to hear from you!

Our Perks*

Wellness Boost: Stay healthy with resources for physical and mental well-being with our flexible benefits and Employee Well-being Program - because you matter!

Customized Benefits: Tailor your benefits with our flexible plan.

Growth Opportunities: Unlock your potential through clear progression paths.

Skill Development: Access training resources to fuel your personal and professional growth.

Volunteer Time Off: Enjoy paid time off to make a difference in the world through volunteering.

Family Support: Take advantage of paid Family Care Leave to bond with your family, while our selected Flexible Benefits also cater to your family's needs.

*Benefits are reviewed and updated on a yearly basis

We are proud to be an equal opportunity employer, embracing the unique qualities of every individual, regardless of gender, race, age, religion, disability, or other local protected classes. Our goal is to foster an inclusive environment where everyone feels welcome and valued.

Due to the large number of exceptional applications we receive, we can only reach out to shortlisted candidates. If you don't hear from us, rest assured there may be another opportunity at Coda that aligns better with your unique abilities. Remember to check our Careers Page for more exciting job openings!

Similar Jobs

Fortanix - SDET Engineer

Fortanix

Bengaluru, Karnataka, India (Hybrid)
1 Month ago
Warner Bros Games - Senior Data Engineer

Warner Bros Games

Hyderabad, Telangana, India (Hybrid)
1 Month ago
Rackspace Technology - Senior DevOps Engineer (Azure)

Rackspace Technology

Germany (Remote)
1 Month ago
Progres - Senior Cloud Security Engineer

Progres

Raleigh, North Carolina, United States (Hybrid)
3 Months ago
ARHS - Senior Cloud/DevOps Architect

ARHS

Luxembourg (On-Site)
6 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Diligent - Staff Software Engineer - .NET & Typescript

Diligent

Bengaluru, Karnataka, India (On-Site)
1 Day ago
Virtusa - DevOps Lead

Virtusa

Pune, Maharashtra, India (Hybrid)
6 Months ago
Voodoo - Senior Unity SDK Developer

Voodoo

Paris, Île-de-France, France (Hybrid)
3 Months ago
Canva - Senior Frontend Engineer - Data Workflows Team

Canva

London, England, United Kingdom (Remote)
1 Week ago
Rockstar Games - Tools Programmer (Mid/Senior)

Rockstar Games

Dundee, Scotland, United Kingdom (On-Site)
6 Days ago
Warner Bros Games - Staff Technical Program Manager

Warner Bros Games

(Hybrid)
2 Months ago
G- space studios - System Analyst (MMO Game Platform)

G- space studios

(Remote)
1 Day ago
Flutter Entertainment - Lead Data Scientist

Flutter Entertainment

Hyderabad, Telangana, India (Hybrid)
5 Months ago
Epic Games - Senior Game Security Programmer - Asset Integrity

Epic Games

Montreal, Quebec, Canada (On-Site)
2 Weeks ago
NC America, LLC - System Administrator

NC America, LLC

Irvine, California, United States (On-Site)
20 Hours ago

Get notifed when new similar jobs are uploaded

Jobs in Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia

The Walt Disney Company - Brand & Content Marketing Specialist

The Walt Disney Company

Petaling Jaya, Selangor, Malaysia (On-Site)
2 Months ago
ByteDance - [MY] Partnership Manager - BytePlus

ByteDance

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
6 Months ago
NinjaVan - Internship (Operation Excellence)

NinjaVan

Shah Alam, Selangor, Malaysia (On-Site)
6 Months ago
Veeam Software - Deal Desk Manager

Veeam Software

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
8 Hours ago
NinjaVan - Human Resource Business Partner (HRBP)

NinjaVan

Subang Jaya, Selangor, Malaysia (On-Site)
6 Months ago
Grab - Intern, Software Engineer Fullstack

Grab

Petaling Jaya, Selangor, Malaysia (On-Site)
2 Weeks ago
ByteDance - Datacenter Operation Lead, Infrastructure Engineering

ByteDance

Kulai, Johor, Malaysia (On-Site)
3 Months ago
Nahc io - Project Delivery Manager

Nahc io

Selangor, Malaysia (On-Site)
1 Week ago
Microsoft - Test Engineer

Microsoft

Penang, Malaysia (On-Site)
3 Days ago
Animoca Brands - Game Developer

Animoca Brands

Malaysia (Remote)
6 Months ago

Get notifed when new similar jobs are uploaded

Similar Category Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

Coda is a global leader in out-of-app monetization and commerce solutions, trusted by over 300 publishers to drive revenue growth and deepen customer engagement. With access to 90% of the world’s preferred payment methods, Coda connects digital businesses to more than 200 million paying users worldwide.

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (Hybrid)

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (Hybrid)

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (Hybrid)

Bangkok, Thailand (On-Site)

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (Hybrid)

Tokyo, Japan (Hybrid)

Singapore, Singapore (On-Site)

Bangkok, Thailand (Hybrid)

View All Jobs

Get notified when new jobs are added by Coda

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug