Application Security

Mô tả công việc:

About KiotViet:
KiotViet wishes to transfer a massive power of technology to every business model in Vietnam and Southeast Asia through our simple and effective solutions. KiotViet is committed itself to creating efficient, convenient products for micro, small and medium-size businesses. In over 13 years, with more than 1500 people who form KiotViet in present, we understand that our members of all time are the foundation of KiotViet nowadays and a launchpad for reaching a better KiotViet in the future. KiotViet is committed to creating a work environment that shares success, shares responsibilities.

We are looking for some developers to join our product team. Joining us, you will have a chance to build the first marketplace in Vietnam with so much technology challenge. As a developer, you will be involved in building products to enable an excellent experience.
What you will do:
Collaborate with development teams to integrate and automate security testing into the software development process and to implement secure coding practices.
Conduct security assessments of software applications and products throughout the development lifecycle.
Identify vulnerabilities and recommend appropriate security controls.
Coordinate with third-party firms to schedule periodic penetration testing to schedule and lead remediation efforts with development teams.
Perform security code reviews and assist in remediating security flaws from internal testing as well as third-party penetration testing.
Consult and collaborate with the Architecture team on the security design of a new project.
Stays current with the latest security threats and technologies.

Yêu cầu công việc:

Extensive experience penetration testing various assets, including but not limited to; web applications, mobile applications; networks/infrastructure, and cloud services;
Programming experience with Java, JavaScript, and PHP, DotNet;
Minimum three years of experience working application security concepts, secure coding practices and frameworks, and software development methodologies;
Experience with security assessment tools and techniques (e.g., SAST, DAST);
Experience identifying web & mobile application vulnerabilities (e.g., OWASP) and mitigation of vulnerabilities;
Experience with threat modeling and risk assessment for applications;
Experience working with one or more of the following: Burp Suite, OWASP ZAP;
Bachelor’s degree in computer science, Information Systems, or a related field.
Preferred Skills:
Experience with Web Application Firewalls (WAF);
Certifications such as: OSCP, OSWE.

Quyền lợi & Chính sách:

Top salary range in the market (willing to negotiate);
Compensation, pay raise approval at least 1 time per year, a 13th month salary depending on employee’s performance;
Performance bonus (up to 2-month salary);
Social – Health – Insurance paid fully. Healthcare: Annual health check-up, Premium Health Insurance ( from level senioraccording to the company's regulations);
Advantageous and yield benefits, other benefits such as holiday vacations, benefits for employee’s relatives;
Unlimited chance of being promoted based on employee’s performance.