Application Security Analyst ( Bangkok based, relocation provided)
Bangkok (Central World Office)
Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with more than 2.5 million accommodations globally. Based in Asia and part of Booking Holdings, our 4,000+ employees representing 90+ nationalities foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership, enhancing the ability for our customers to experience the world.
Get to Know our Team:
The Security Department oversees security, governance, risk management, and compliance, and security operations for all Agoda. We are vigilant in ensuring there is no breach or vulnerability threatening our company or endangering our employees to keep Agoda safe and protected. Given that the security ecosystem is moving forward at tremendous speed, we like to be early adaptors of recent technology and products. This would be a great challenge for those who want to work with the best technology in a dynamic and advanced environment.
You will be working in a fast-paced DevOps environment where code change happens at a rapid speed and where it is paramount to control security testing into a continuous deployment/integration flow.
In this Role, you will get to:
- Develop Security Automation Tools to implement solutions at scale.
- Conduct security assessments through code reviews, vulnerability testing and risk analysis.
- Analyze security breaches to identify root cause.
- Research on the negative effects of an attack or breach, from minimizing the impact to altering security controls for future prevention.
- Identify potential threats so that the organization can protect itself from malicious hackers. This includes Vulnerability Management, Bug Bounty Program, Penetration Testing, and Red/Purple Teaming.
- Be responsible for Developing Security Training.
- Work with DevSecOps team in integration of tools into CI/CD, as well as fine-tune rules and entropy.
- Work with incident response team for disaster recovery plans.
What you'll Need to Succeed:
- 2+ years in the information security field
- 2+ years of experience with Vulnerability Management
- Minimum 1 year of experience running a bug bounty platform
- Minimum 1yr experience with any of public/private cloud environments (Openshift, Rancher, K8s,
- AWS, GCP, Azure, etc.)
- Experience performing security testing, e.g. code review and web application security testing
- Able to automate and script jobs e.g. go, bash scripts, etc.
- Familiarity with Gitlab, Defectdojo, JIRA, Confluence.
- Proficient in one or more programming languages such as Python, Go, Node.js, Python etc.
- Familiar with analytics platform and databases such as GraphQL , REST APIs, Postgres, MSSQL, Kafka, Hadoop etc.
- Strong knowledge in Assessment tools such as security scanners and fuzzers.
It's great if you have:
- Knowledge in Container Image Security, Vulnerability Management, Dependency Checking, Fuzzing and License Scanning
- Security Certifications
This position is based in Bangkok, Thailand (Relocation Provided)
#sanfrancisco #sanjose #losangeles #sandiego #oakland #denver #miami #orlando #atlanta #chicago #boston #detroit #newyork #portland #philadelphia #dallas #houston #austin #seattle #sydney #melbourne #perth #toronto #vancouver #montreal #shanghai #beijing #shenzhen #prague #Brno #Ostrava #cairo #alexandria #giza #estonia #paris #berlin #munich #hamburg #stuttgart #cologne #frankfurt #hongkong #budapest #jakarta #bali #dublin #telaviv #milan #rome #tokyo #osaka #kualalumpur #amsterdam #oslo #manila #warsaw #krakow #bucharest #moscow #saintpetersburg #capetown #johannesburg #seoul #barcelona #madrid #stockholm #zurich #taipei #bangkok #Phuket #istanbul #london #manchester #liverpool #edinburgh #kiev #hcmc #hanoi #wroclaw #poznan #katowice #rio #salvador #IT #4 #LI-RS1
Equal Opportunity Employer
At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics.
To all recruitment agencies: Agoda does not accept third party resumes. Please do not send resumes to our jobs alias, Agoda employees or any other organization location. Agoda is not responsible for any fees related to unsolicited resumes.
Explore more Information Security career opportunities
- Open SOC Analyst Jobs
- Open Threat Intelligence Response Analyst Jobs
- Open Principal Security Engineer Jobs
- Open IT Security Engineer Jobs
- Open Vulnerability Analyst Jobs
- Open Information Security Architect Jobs
- Open Senior Penetration Tester Jobs
- Open Senior Infrastructure Security Engineer Jobs
- Open Software Security Engineer Jobs
- Open IAM Engineer Jobs
- Open Personnel Security Officer Jobs
- Open Senior Information Security Analyst Jobs
- Open Sr. Software Engineer - Detection Engineering Jobs
- Open Infrastructure Security Engineer Jobs
- Open Chief Information Security Officer Jobs
- Open Cybersecurity Analyst Jobs
- Open Staff Security Engineer Jobs
- Open Senior Information Security Engineer Jobs
- Open Information Security Officer Jobs
- Open Sr. Product Security Engineer Jobs
- Open Cyber Security Architect Jobs
- Open Staff Engineer, Cloud Security Jobs
- Open Cybersecurity Engineer Jobs
- Open Privacy Manager Jobs
- Open Threat Intelligence Analyst Jobs
- Open Kubernetes-related jobs
- Open PCI-related jobs
- Open Clearance-related jobs
- Open Open Source-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Machine Learning-related jobs
- Open IDS-related jobs
- Open Splunk-related jobs
- Open Ruby-related jobs
- Open Intrusion detection-related jobs
- Open OSCP-related jobs
- Open Security assessments-related jobs
- Open Encryption-related jobs
- Open IPS-related jobs
- Open Docker-related jobs
- Open Threat detection-related jobs
- Open TCP/IP-related jobs
- Open HIPAA-related jobs
- Open Cryptography-related jobs
- Open GDPR-related jobs
- Open Unix-related jobs
- Open DevSecOps-related jobs
- Open PowerShell-related jobs