application security engineer
4 days ago
Be #InGoodHands with Metrobank
Here at Metrobank, we don't simply hire employees—we hone future leaders. We provide opportunities that enhance your skills and unlock your talents, helping you evolve into a well-rounded individual. We supply you with all the pieces you need to do your best work, unleashing your full potential to help you secure your future and lead a fulfilling career. And with Metrobank's strong heart for the community, you have the chance to give back and make worthwhile contributions to our nation's economic and social development. With Metrobank, a meaningful life is within your reach
Job Summary:
Develop and enforce security plans and standards; ensures that application security best practices are executed and implemented. Prepare the plans to deliver/implement the application security strategy prepared by the Security Architect. Provide support to the Security Architect in enterprise security projects including defining configuration standards, testing and implementation. Leads the research, evaluation and implementation of ISD security tools and small projects. Provide risk assessment support to CPSD and SQRD related to architecture for security concerns and/or security controls to be architected. Maintain and mature the security tools to ensure effective prevention and detection of incidents. Prepare the necessary documentation for project approval and implementation. Act as the subject matter expert on security of assigned technology domain/area (i.e., mobile application, web application, etc.).
Specific Duties & Responsibilities:
Based on the approved IT security systems and application security architecture, develops detailed designs for implementation.Formulate, review and maintain IT security policies, technical standards, internal ISD procedures and guidelines related to securing the information processing environment, IT facilities and connected third party services/providers of the Bank.Provide support to CPSD and SQRD, serve as the security subject matter expert related to application security. Identify security design gaps in existing application systems and proposed architectures and recommend changes or enhancements.Evaluate cost-effective solutions and prepare the business case for IT security projects.Manage the testing of technical controls and monitors its implementation.Define and document security tool/device standard configuration parameters. Ensures that application security tools are securely configured and functions effectively and efficiently.Perform regular security configuration reviews, ensure efficacy of controls and use is optimized.Monitor and if necessary, assist ITG administrators in ensuring problems of security devices/systems are timely resolved.Review and/or evaluate vendor performance as part of VPRC process.Review installation and changes to CI/CD pipeline.Manages the implementation of baseline system security standards for application development.Collaborates and coordinates with other ISD Departments to ensure that holistic ISD service is provided to internal customers.Establish disaster recovery strategy of security tools implemented and ensures it is regularly tested for effectiveness.Stay up to date with latest security technology and trends, vulnerabilities and threats.Guide Infrastructure Security Specialists; review their work.Proactively works with the SAID Head in implementing programs for the continuous improvement of the bank's information security plans and strategies.Perform other information security governance, risk and compliance related duties and responsibilities as directed by the SAID Head.Job Specifications:
Graduate of any college degree in Computer Science or Information Security, or related technical field of expertise.Extensive/in-depth knowledge and understanding of secure coding principles and OWASP Top 10.Working experiences with designing/architecting CI/CD pipeline.Certification may include SANS GIAC, CISSP, CISM, GWAPT, or equivalent.At least 3+ years' experience in designing, implementing and maintaining application security solutions such as SAST, DAST, IAST, etc.Analytical and risk identification skills to analyze a variety of information security related risk situations and develop recommendations on the best course of actionScripting and programming – computer programming and scripting skills is an advantage.Strong written and oral communication skills to write technical reports on their assessments and communicate potential security weaknesses.Should also be abreast with security best practices and knowledge of common and emerging security threats.Self-starter, result-orientated in terms of disposition for corrective action to drive the remediation to reduce the risk exposure of the bank.Have good teamwork and collaboration skills: good team players with the ability to lead security initiatives.Good project management skills to lead and manage accomplishments of assigned tasks/projects within the predetermined time-frameGood communication skills: to effectively articulate and explain complex security topics in simple language and easy to understand concepts.-
Application Security
2 weeks ago
Taguig, National Capital Region, Philippines People Matter PH Full time ₱1,000,000 - ₱1,500,000 per yearAbout the RoleWe are looking for a Senior Manager of Application Security to lead the secure development lifecycle across our digital banking platforms. You will manage a team of security professionals, define secure coding practices, and work closely with engineering and product teams to ensure security is built into every stage of software development.Key...
-
VP Application Security
2 weeks ago
Taguig, National Capital Region, Philippines HR TechX Corp. Full time ₱1,500,000 - ₱2,500,000 per yearJob briefSeeking for an experiencedApplication Security Headto drive our secure development initiatives and lead a team of security professionals. The ideal candidate will have a strong technical background in application security, hands-on expertise with security testing tools, and proven leadership experience in building and managing security programs for...
-
VP for Application Security
4 weeks ago
Taguig, National Capital Region, Philippines Hrtx Full timePosition: Vice President Application SecurityLocation: BGC, TaguigWork Setup: HybridSchedule: Night Shift About the Role We are seeking an experienced Vice President for Application Security to lead the development and execution of enterprise-wide application security strategies. This role will be based in BGC on a hybrid setup and will operate...
-
VP for Application Security
2 weeks ago
Taguig, National Capital Region, Philippines HR TechX Corp. Full time ₱2,000,000 - ₱2,500,000 per yearPosition:Vice President Application SecurityLocation:BGC, TaguigWork Setup:HybridSchedule:Night ShiftAbout The RoleWe are seeking an experiencedVice President for Application Securityto lead the development and execution of enterprise-wide application security strategies. This role will be based inBGC on a hybrid setupand will operate during thenight shiftto...
-
VP for Application Security
4 weeks ago
Taguig, National Capital Region, Philippines Hrtx Full timePosition: Vice President Application SecurityLocation: BGC, TaguigWork Setup: HybridSchedule: Night ShiftAbout the RoleWe are seeking an experienced Vice President for Application Security to lead the development and execution of enterprise-wide application security strategies. This role will be based in BGC on a hybrid setup and will operate during the...
-
Security Engineer
2 weeks ago
Taguig, National Capital Region, Philippines People Matter PH Full time $104,000 - $130,878 per yearAbout the RoleWe are looking for a skilled Web & API Security Engineer with strong offensive security expertise. In this hands-on role, you will test modern web applications and APIs to find vulnerabilities, simulate real-world attacks, and work with engineering teams to improve our platform's security.What You'll DoPerform manual security testing on web...
-
Security Engineer
4 weeks ago
Taguig, National Capital Region, Philippines Hrtx Full timeAbout the RoleWe are looking for a skilled Web & API Security Engineer with strong offensive security expertise. In this hands-on role, you will test modern web applications and APIs to find vulnerabilities, simulate real-world attacks, and work with engineering teams to improve our platforms security.What Youll DoPerform manual security testing on web...
-
Security Engineer
2 weeks ago
Taguig, National Capital Region, Philippines PeopleMatter PH Full time ₱900,000 - ₱1,200,000 per yearJob description:About the RoleWe are looking for a skilled Web & API Security Engineer with strong offensive security expertise. In this hands-on role, you will test modern web applications and APIs to find vulnerabilities, simulate real-world attacks, and work with engineering teams to improve our platform's security.What You'll DoPerform manual security...
-
Security Engineer
2 weeks ago
Taguig, National Capital Region, Philippines People Matter PH Full time ₱1,440,000 per yearAbout the RoleWe are looking for a skilled Web & API Security Engineer with strong offensive security expertise. In this hands-on role, you will test modern web applications and APIs to find vulnerabilities, simulate real-world attacks, and work with engineering teams to improve our platform's security.What You'll DoPerform manual security testing on web...
-
Secure Code Engineer
2 weeks ago
Taguig, National Capital Region, Philippines AvantePH Staffing and Consultancy Inc. Full time ₱420,000 - ₱840,000 per yearWe are seeking a detail-oriented and technically proficient Secure Code Engineer to help ensure our financial applications are developed and deployed securely. This role is ideal for someone with a strong programming background and a passion for software security, particularly within banking or fintech environments.You will play a key role in identifying...
