Sr. DevSecOps

Job Title:
 Senior Associate – Application Security

Location:
 Manila, PH (Remote)

Availability:
 Immediate – New role, eager to fill

Role Overview

We are seeking a 
Senior Associate – Application Security
 with hands-on expertise in 
application security testing, vulnerability management, DevSecOps, and governance
. The role involves embedding security in SDLC phases, performing penetration testing, and supporting the Global Security Office's DevSecOps practice.

Key Responsibilities

• Conduct 
  web, mobile, and infrastructure penetration testing
   (manual & automated).
• Perform 
  manual source code reviews
   and identify vulnerabilities.
• Implement and design 
  automated security checks
   within CI/CD pipelines.
• Support deployment of new 
  security tools and processes
  .
• Strong expertise in 
  DevSecOps
  , secure coding practices, cryptography, and authentication techniques.
• Work closely with stakeholders to ensure 
  security compliance
   and best practices.

Skills & Experience

• 2–3 years
   in application security, penetration testing, and DevSecOps.
• Strong knowledge of 
  OWASP Top 10, SANS Top 25, NIST standards
  .
• Proficiency in 
  AppSec tools
   (AppScan, Checkmarx, Veracode, Burp Suite, Synopsys Seeker).
• Experience with 
  Jenkins, Docker, Kubernetes, microservices
  .
• Familiarity with 
  Python, Java, , Go, Rust, scripting
  .
• Certifications like 
  OSCP, OSWE, CEH
   are a plus.
• Excellent communication skills and ability to work in global teams