Application Security Specialist

Back to jobs Application Security Specialist Singapore Apply Trust is the first of a new breed of banks in Singapore – digitally native and focused on delivering a delightful customer experience. You will work in a fast-paced and collaborative environment to solve new and interesting challenges each day. Together with our Trust team, you will help shape the future of our bank. As our Application Security Specialist, you'll dive into interesting security challenges, help shape new approaches, and contribute to building secure, high-quality products for our customers. Key Roles and Responsibilities Trust Bank is enhancing our cyber security capabilities with best-in-class practices that keep pace with our fast-moving, innovative business. You'll combine technical expertise with strategic thinking to help our development teams build secure applications without slowing them down. You'll be part of a close-knit security team that embraces modern approaches - cloud-native designs, DevSecOps, and agile development. In our decentralized DevOps culture, you'll be the security expert that developers and product owners turn to, making security compliance straightforward and ensuring everyone has the knowledge they need. You'll work collaboratively across security and engineering teams to implement practices and metrics that reduce our application attack surface. You'll help shape and adapt our application security approach as we continue to grow, maintaining security effectiveness throughout. You'll focus on securing our applications and the systems that build and deploy them. This means: Application Security Toolchain You'll select and maintain security tools for different projects: Static Analysis (SAST) and Dynamic Analysis (DAST) for code and running applications Open Source Security (OSS) scanning for dependencies Container & Kubernetes security for our cloud-native deployments API security, Web Application Firewalls, and DDoS protection External perimeter scanning for our deployed applications Security-focused chaos engineering tools Runtime application and container protection Key Responsibilities You'll drive strategic application security initiatives, big projects that fundamentally change our approach to application security AI Security - We've got several use cases in production already, with more to come and our engineering team uses AI heavily in their work. We need to ensure it remains secure. Providing appropriate trainings and sharing with developers and engineers, including Secure Code Development programs Develop a network of Security Champions to facilitate velocity and security risk identification Review and develop a mature framework of development and testing practices around international standards such as OpenSAMM / BSIMM and OWASP ASVS, following a progressive maturity development approach adapted to each product's needs Supporting the triage of vulnerabilities to reduce false-positives, working with engineering teams to automate the build processes in order to facilitate the transparent remediation of vulnerabilities Work with security management and product to link Threat Models, risk registries, monitoring use cases and application security unit tests, working towards continuous assurance and compliance In order to be successful at this role, you must have most of the following: 8+ years of overall experience with bulk of this experience focused on Application Security Programming background in Java/Kotlin and/or Python in enterprise environments and can read and understand Java/Kotlin and Python codebases Experience building, maintaining and deploying CI/CD pipelines and solutions for app deployment Comfortable with YAML, JSON and other markup languages and formats used in our deployment stack Extensive experience with vulnerabilities and advanced attacks relevant for financial services Comfortable with the use of AI in their own workflows, and understanding how AI is used in development workflows self-driven and keen to make an impact. Trust Bank moves quickly and there are opportunities everywhere a Strong communicator, you'll be working with everyone from developers to executives Work with developers to embed security best practices while maintaining development velocity Experience in regulated digital payment services, banking, or e-commerce is a good to have Background in monitoring, incident response and forensics in cloud environments (IaaS, Kubernetes, SaaS applications) Previous collaboration with and work within offensive security teams, including pentesting, bug bounties or red teaming Role Specific Technical Competencies Programming background in Java/Kotlin and/or Python in enterprise environments and can read and understand Java/Kotlin and Python codebases Experience building, maintaining and deploying CI/CD pipelines and solutions for app deployment Comfortable with YAML, JSON and other markup languages and formats used in our deployment stack Background in monitoring, incident response and forensics in cloud environments (IaaS, Kubernetes, SaaS applications) If you apply for a job with Trust or submit any personal information in connection with a possible job opportunity, you agree to our privacy notice for job applicants. Come as you are! Trust is an inclusive and open-minded workplace. If you are good at what you do and care about doing a good job, that’s what we focus and want from you. So come as you are. 😊 Trust is an equal opportunity employer. We prohibit discrimination and harassment of any kind. We are committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Trust are based on business needs, job requirements and individual qualifications, without regard to age, gender, physical ability, race, religion or belief, family or parental status, sexuality, or any other status protected by laws or regulations. We will not tolerate discrimination or harassment based on any of these characteristics. We encourage applicants of all ages. Create a Job Alert Interested in building your career at Trust Bank? Get future opportunities sent straight to your email. Create alert Apply for this job * indicates a required field Autofill with MyGreenhouse First Name* Last Name* Email* Phone Country* Phone* Resume/CV* Attach Attach Dropbox Google Drive Enter manually Enter manually Accepted file types: pdf, doc, docx, txt, rtf If you are currently or formally a Standard Chartered employee applying for a role at Trust Bank, please let us know your Bank ID. If not applicable, kindly indicate as N.A:* Do you require a visa to work in Singapore?* Select... Have you built enterprise applications and deployed these applications into production?* Select... Have you built enterprise applications specifically for the cloud and deployed these into production?* Select... Are you currently/have you been in an audit partner role involved in an external audit engagement with Trust Bank?* Select... Are you currently/have you been in an audit senior role (e.g. Audit Director or Audit Senior Manager) involved in an external audit engagement with Trust Bank?* Select... By answering 'Yes', you agree to the Trust Recruitment Privacy Notice* Select... Submit application