Skip to content
← Back to job listings

Lead Application Security Engineer

Encora · Kuala Lumpur, Malaysia

CybersecurityLeadQuick applyfull-time9 days ago

About The Role

Key Responsibilities

  • ● Threat Modeling: Lead design reviews for new banking features (Payments, Transfers,
  • KYC). Identify logic flaws before code is written.
  • ● Pipeline Automation: Architect and maintain the SAST/DAST/SCA tooling in the CI/CD
  • pipeline (e.g., SonarQube, Snyk, GitLab CI) to block vulnerabilities automatically.
  • ● Code Review: Perform manual code audits on high-risk components (Authentication,
  • Ledger logic) in Java, Kotlin, or Swift.
  • ● Cloud & AI Patterns: Deliver API, container, cloud, and AI security design patterns.
  • Ensure that developers have "paved roads" (secure templates) for deploying
  • microservices and AI models.
  • ● Culture: Act as a mentor to the development team, running secure coding workshops and
  • championing a "Security Champion" program.

Technical Requirements

  • ● 5+ years in Application Security with a background in Software Development.
  • ● Proficiency in at least one core language: Java (Spring Boot), Node.js, or Go.
  • ● Deep understanding of OWASP Top 10 and SANS Top 25.
  • ● Experience with CI/CD integration (Jenkins, GitHub Actions).
  • ● Bonus: Experience in Fintech or Banking.

This listing was posted by a verified recruiter at Encora. Report this listing