Senior Security Engineer

Tp Hồ Chí Minh
Lâu dài
Toàn thời gian

1 ngày trước

Role SummaryWe are seeking a highly skilled and hands-on Senior Security Engineer with a strong focus on secure coding and automation (Python) to join our Service Operations team. This role is ideal for engineers who are passionate about building secure, scalable systems, integrating security into development workflows, and supporting banking/financial domain applications in a cloud-native (AWS) environment.Key Responsibilities

Develop and maintain security automation tools and scripts using Python to support application security and DevSecOps processes
Perform secure code reviews across platforms (Kotlin, Node.js, Android, iOS, Python), with strong emphasis on Python-based systems
Integrate and automate security controls into CI/CD pipelines (e.g., GitHub Actions)
Work closely with engineering teams to embed secure coding practices into the SDLC
Implement and manage SAST/SCA/DAST tools and automate vulnerability detection and remediation workflows
Support API and application security (REST, GraphQL), including authentication, authorization, and encryption practices
Conduct basic penetration testing and vulnerability validation (mobile, web, APIs) - depth is not required, focus is on remediation and automation
Perform threat modelling (e.g., STRIDE) and risk assessment for applications, especially in banking systems
Collaborate with infrastructure teams to ensure secure deployment on AWS cloud environments
Contribute to application security standards, policies, and best practices aligned with OWASP
Monitor and respond to emerging security threats, including risks related to AI-enabled systems
Support BAU security operations, vulnerability management, and continuous improvement initiatives

Required Qualifications

5+ years of hands-on experience in Python development (mandatory, strong coding capability is critical)
2-3 years of experience in application security/DevSecOps
Experience working in banking/financial services domain
Strong experience with AWS cloud services and cloud security practices
Solid understanding of secure coding practices and code review methodologies
Experience integrating security tools into CI/CD pipelines
Familiarity with SAST/SCA/DAST tools
Basic understanding of penetration testing concepts and tools (e.g., Burp Suite, MobSF, Frida)
Knowledge of API security, authentication mechanisms, and cryptographic fundamentals
Experience working in Agile/DevOps environments

Preferred Qualifications

Experience with security automation frameworks and tooling in Python
Exposure to AI/ML application security (e.g., prompt injection, model abuse)
Certifications such as AWS Security Specialty, CSSLP, OSCP (optional)
Experience with container security (Docker, Kubernetes) and IaC scanning
Familiarity with banking security standards and compliance requirements

About UsWe show commitment to our investors and stand for solid, long-term growth performance. Founded in Germany in 1987 and in American territory since 2008, GFT expanded globally to over 10,000 experts. And to more than 15 markets to ensure proximity to clients. With new opportunities from Asia to Brazil, the international growth story continues. We are committed to grow tech talents worldwide. Because our team’s strong consulting and development skills across legacy and pioneering technologies, like GreenCoding, underpin success. We maintain a family atmosphere in an inclusive work environment.There is room for your talent!Put your talent to work. At GFT, you'll be working with some of the brightest people in business and technology on challenging and rewarding projects in, a team of like-minded individuals.
Feel it. We are #one team collaboratively working towards the same goal.Not Ready To Apply?Stay connected! Enter your e-mail and we will keep you informed about upcoming events and opportunities that match your interests.

GFT Technologies

Nộp đơn ngay