Application Security Engineer (DevSecOps)

TL;DR

Application Security Engineer (DevSecOps): Strengthening and continuously improving the security posture of applications by integrating security best practices into the application development lifecycle. Focus on automating security controls, implementing infrastructure as code, assessing vulnerabilities, and guiding secure remediation strategies.

Location: Hybrid in Singapore

Company

hirify.global is the world’s digital infrastructure company, enabling connectivity and innovation.

What you will do

• Embed security controls and tools into CI/CD pipelines (SAST, SCA, DAST, Secrets Scanning).
• Implement Shift-left security practices to ensure vulnerabilities are detected and remediated early in the SDLC lifecycle.
• Collaborate with application teams on secure design principles, threat modeling, and architecture reviews.
• Design, build, document, and maintain efficient, reusable code for Security Orchestration, Automation, and Response (SOAR).
• Model the hirify.global culture and values.

Requirements

• 4+ years’ work experience in Security Engineering or DevSecOps.
• Hands-on experience with CI/CD tools (e.g., GitHub Actions) and public cloud services.
• Functional understanding of SAST, SCA, and DAST concepts.
• Experience building automations and services in Terraform, Ansible, Python.
• Knowledge of Authentication and Authorization technologies (SAML, HMAC, OAuth).
• Experience with distributed systems (microservices, K8s).

Culture & Benefits

• A place where bold ideas are welcomed, and human connection is valued.
• Opportunities to shape your future and do your best work.
• Commitment to ensuring an open employment process for all individuals, including those with a disability.
• Equal Employment Opportunity and Affirmative Action employer.