Application Security Engineer

• Salary:

Php 104,000 to Php 142,000
- Location:

Manila
- Country:

Philippines
- Business Unit:

Technology
- Vacancy Type:

Permanent
- Closing Date:

10 January 2026

Beige Sales

Employment type: Permanent

Location: Makati City, Metro Manila

Work setup: We operate in a hybrid work environment, and we encourage applicants who are open to working in the office two days a week to apply.

Work schedule: 3PM to 11PM Manila time

Pay range:Php 104,000 to Php 142,0000

We value transparency and want to ensure a good fit for both parties. We encourage applicants who are comfortable within the salary range to apply.

Discover a world of endless possibilities with Cambridge University Press & Assessment, a distinguished global academic publisher and assessment organisation proudly affiliated with the prestigious University of Cambridge.

We are looking for a security-focused and collaborative Application Security Engineer to join our Manila-based team at Cambridge University Press & Assessment, aligned to UK working hours. In this role, you'll work hand-in-hand with development and engineering teams to embed security into every phase of the software development lifecycle (SDLC), ensuring applications are resilient, compliant, and built to industry-leading standards. From secure coding to threat modelling and CI/CD pipeline integration, you'll play a vital role in preventing vulnerabilities and safeguarding customer trust. Join us and be a key player in enabling secure innovation at a global scale.

Why Cambridge?

Cambridge University Press & Assessment is a world-renowned not-for-profit academic publisher and assessment organisation, proudly part of the prestigious University of Cambridge. With a legacy rooted in over 800 years of educational excellence, we are dedicated to unlocking the potential of learners and educators across the globe.

Joining Cambridge's second largest global office in the Philippines —operating for over 22 years with 1,300+ colleagues— means becoming a part of an extraordinary institution renowned worldwide. We are recognised as a Great Place to Work for three consecutive years, reflecting our inclusive culture, strong sense of purpose, and commitment to the professional growth and well-being of our people. At Cambridge, we don't just publish books or deliver tests—we empower progress, inspire curiosity, and champion the pursuit of knowledge.

What can you get from Cambridge?

At Cambridge, you'll become a part of a vibrant and forward-thinking community that transcends tradition, fostering a culture of continuous growth and personal development. Here, we provide the right environment for you to thrive, supporting your professional journey and empowering you to reach your highest potential, that is why our pay philosophy is intricately tied to your skills and competencies, ensuring that your compensation aligns with the unique value you bring to the role you are applying for.

The organization offers a wide range of benefits and opportunities including:

• Regular Employment on Day 1

• HMO Coverage and Life Insurance on Day 1

• Paid Annual Leaves (Vacation, Well-being, Flexible, Holiday, and Volunteering leaves)

• Vesting/Retirement package

• Opportunities for career growth and development

• Access to well-being programs

• Flexible schedule, hybrid work arrangement and work-life balance

• Opportunity to collaborate with colleagues from diverse branches that will expand your horizons and enrich your understanding of different cultures

What will you do as an Application Security Engineer?

As an Application Security Engineer, you will integrate robust security practices across development and deployment environments.

Your responsibilities will include:

• Embedding secure coding practices and SDLC-aligned security measures with development teams.
• Supporting CI/CD security integration and DevSecOps pipeline validation.
• Leading threat modelling, risk prioritisation, and vulnerability tracking.
• Reviewing code and supporting penetration testing to detect and mitigate risks.
• Designing secure API configurations, server setups, and access controls.
• Collaborating on application vulnerability scanning and patch management.
• Supporting audits, compliance alignment (e.g., ISO 27001, CIS), and incident response readiness.
• Educating teams on security trends, OWASP Top 10, and secure deployment techniques.

What makes you the ideal candidate for this role?

You'll thrive in this role if you bring:

• A degree and 5+ years of technical experience in application security.
• Proficiency in secure development frameworks and vulnerability remediation.
• Experience with SAST, DAST, SCA tools and CI/CD integration.
• Familiarity with OWASP Top 10, secure API development, and server hardening.
• Strong cloud security knowledge (AWS, Azure, GCP) and scripting skills (e.g., Python, PowerShell).
• Relevant certifications (e.g., ISC2 CISSP, CSSLP, CEH, GWAPT).
• Excellent English communication skills, with the ability to clearly articulate complex technical concepts to both technical and non-technical audiences.

Are you driven by desire to be part of a globally renowned institution that celebrates innovation, embraces inclusion, and empowers learners? Then, we invite you to Pursue your Potential with us.

Applications received through the system will be reviewed on a rolling basis and may close the vacancy once sufficient applications are received. Therefore, if you are interested, tailor-fit your CV (advantageous if you submit one with a Cover Letter) and submit as early as possible.