CrawlJobs Logo

IT Security Engineer

GalaxyOne

Location Icon

Location:
Vietnam , Ho Chi Minh City

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

This role is to find all the security vulnerabilities in a system and then perform intrusion tests, and full-scale, controlled attacks

Job Responsibility:

  • Analyze security requirements from the software development team to define the security software testing strategy
  • Participate in client meetings to discuss and agree on security testing approaches, and estimation in new security test opportunities
  • Plan and perform security testing of application designs, source code, and deployments, covering all kinds of applications, web applications, web services, and mobile applications in software development
  • Do black box and white box security testing for web and mobile applications
  • Follow up with the project team to verify the security risks

Requirements:

  • University level with bachelor’s degree in computer science or equivalence
  • Has 1+ years of hands-on experience in security testing
  • Strong knowledge of security principles, techniques, and technologies (OWASP Top 10 For Web or Mobile applications)
  • Experience performing security tests for web or mobile applications based on OWASP Top 10
  • Strong knowledge of network protocols
  • Good English communication (written and oral)
  • Good knowledge and understanding the programming languages
  • Excellent problem-solving skills and attention to detail

Nice to have:

  • OSCP
  • Security+
  • Pentest+
  • GPEN
  • CEH
What we offer:
  • You will become a rightful member of a fast-growing business in Vietnam and gain knowledge in multiple business domains
  • Attractive compensation package based on competency and potential
  • General health care package
  • Lunch allowance
  • Comfortable working facilities
  • Powerful workstations
  • Annual company trip and team-building activities
  • Personal development system for both personal contributors and managers
  • No dress codes

Additional Information:

Job Posted:
January 18, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
GalaxyOne - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for IT Security Engineer

Principal Security Engineer

We’re seeking a Principal Security Engineer with deep expertise in cloud securit...
Location
Location
United States , San Francisco
Salary
Salary:
136000.00 - 241000.00 USD / Year
ethoslife.com Logo
Ethos
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience in security engineering or architecture roles
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field from a reputable institution
  • Deep expertise in cloud platforms (particularly AWS), including infrastructure-as-code (e.g., Terraform, CloudFormation)
  • Strong experience in secure software development and application security (e.g., OWASP Top 10, SAST, DAST, threat modeling)
  • Experience designing and implementing zero-trust architectures, secure API gateways, and identity/access controls
  • Proficient in scripting or development languages (e.g., Python, Go, JavaScript) and secure coding practices
  • Demonstrated leadership in cross-functional security initiatives and technical mentorship
  • Ability to come into our San Francisco, CA office once a week
Job Responsibility
Job Responsibility
  • Design and implement secure architectures for applications, APIs, microservices, and containerized workloads
  • Develop and enforce application security best practices across SDLC
  • partner with DevOps and engineering teams to integrate security into CI/CD pipelines
  • Conduct threat modeling, security design reviews, and risk assessments for new and existing systems
  • Evaluate and implement cloud security tools, controls, and frameworks (e.g., CSPM, CWPP, IAM, KMS, logging, and monitoring)
  • Provide technical leadership and mentorship to security engineers, software developers, and DevOps personnel
  • Lead response to complex security incidents or architectural flaws
  • conduct root cause analysis and recommend strategic remediations
  • Contribute to and influence security policies, standards, and governance
  • Stay current with emerging threats, vulnerabilities, and security technologies, advising stakeholders on evolving risks and mitigations
  • Fulltime
Read More
Arrow Right

Product Security Engineer - Secure SDLC Analyst

HPE Aruba Networking is looking for a person excited to work at the intersection...
Location
Location
United States , San Juan
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS in Information Security, Computer Science, or related technical field
  • A background in software security, either academic or work experience, including reverse engineering, vulnerability classes such as buffer overflows and their prevention, web application security, and/or cloud security
  • Programming knowledge of at least one programming language with the ability to look at source code and figure out what it’s doing
  • Familiarity with the purpose of tools such as IDEs, compilers, source code revision control systems, ASPM, SCA and code scanners
  • Minimum 3 years of experience working directly in software engineering or in an adjacent field with exposure to the software engineering environment
  • Experience conducting risk assessments, threat modeling, and/or compliance assessments
  • Experience supporting the integration of security practices through the software development lifecycle
Job Responsibility
Job Responsibility
  • Assist in the execution of product compliance assessments against various frameworks (e.g. NIST SSDF, NIST SP 800-218, SP 800-53, CIS Benchmarks)
  • Assist in the development and/or maintenance of GRC and SDLC tooling implementations, including scripting and automation
  • Operate as a representative of HPE Aruba in working groups, with government representatives, and with auditors
  • Provide consulting, information, and advice to product teams around implementing and improving the maturity of our SDLC
  • Document known issues and provide information to product teams in a manner which allows for easy interpretation and corrective actions to be performed
  • Monitor worldwide government standards and communicate to management and product teams when changes are made that may impact an existing control or introduce new requirements
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Security and Application Security Engineer

Beacon Technologies is seeking a Security and Application Security Engineer. The...
Location
Location
United States , Las Vegas
Salary
Salary:
Not provided
beacontechinc.com Logo
Beacon Technologies
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of five years of Information Security experience with at least two years of application-level security
  • Strong communication skills: ability to convey and document security guidelines, requirements, and coding best practices
  • Familiarity with Security Best Practices in common coding languages
  • Application Penetration Testing / API Security Testing
  • Software Development Life Cycle Design and Implementation
  • Static and Dynamic Application Testing Tools and Methods
  • Container and orchestration security (Kubernetes, Docker, Octopus, GitHub, etc.)
  • Familiarity with Application Security Testing Frameworks such as OWASP
  • Strong logical and analytical thinker
  • exceptional skills in security systems solutions
Job Responsibility
Job Responsibility
  • Operate as a liaison between the Security Team and the Development Teams
  • Preserve PCI and SOX Security Certification programs with a primary focus on ensuring compliance with the appropriate industry standards and security controls
  • Supporting incident response and architecture review whenever applications security expertise is needed
  • Integrating threat modeling practices into the SDLC
  • Work with other staff to perform periodic scans and evaluation of system security including areas such as patch management, penetration testing, vulnerability assessments, and other types of InfoSec-related tasks
  • Assist in identifying and communicating security exposures, information security incidents or non-compliance situations to IT management or the CISO as appropriate. Duties may also include collecting and documenting cyber security and incident response event data as necessary.
What we offer
What we offer
  • Career advancement opportunities
  • extensive training
  • excellent benefits including paying for health and dental premiums for salaried employees.
  • Fulltime
Read More
Arrow Right

Security Engineer

Cresta is seeking a passionate individual with solid security engineering experi...
Location
Location
United States
Salary
Salary:
120000.00 - 160000.00 USD / Year
cresta.com Logo
Cresta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Ambitious, passionate and results-oriented, with excellent interpersonal and communication skills
  • 4+ years of experience in application security engineering and cloud security (AWS/GCP)
  • Security domain knowledge across many cyber security disciplines
  • Experience in static code analysis and remediation
  • Experience in security operations (SOC) and incident response
  • Experience in AI security and hardening ML infrastructure
  • Working knowledge of Python and Go to develop and collaborate with engineering on product security features
  • Experience managing competing efforts and requirements
  • Experience with fast growing SaaS startups
Job Responsibility
Job Responsibility
  • Detect, defend, and respond to threats to Cresta and its customers
  • Support SOC2 Type II, ISO 27001/27701/42001, PCI-DSS, TISAX, and HIPAA audit processes with technical controls and evidence
  • Perform security audits of Cresta's products and cloud infrastructure and drive remediation of security risks
  • Improve and monitor Cresta's vulnerability management program to ensure we're monitoring and mitigating known vulnerabilities
  • Develop internal tooling and automation
What we offer
What we offer
  • Comprehensive medical, dental, and vision coverage with plans to fit you and your family
  • Flexible PTO to take the time you need, when you need it
  • Paid parental leave for all new parents welcoming a new child
  • Retirement savings plan to help you plan for the future
  • Remote work setup budget to help you create a productive home office
  • Monthly wellness and communication stipend to keep you connected and balanced
  • In-office meal program and commuter benefits provided for onsite employees
  • Offers Equity
  • Fulltime
Read More
Arrow Right

Principal Security Engineer

We’re building a world-class global Security team as part of our Trust Program. ...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
highspot.com Logo
Highspot
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of robust, progressive experience in security engineering, application security, DevSecOps, incident detection and response, or closely related fields
  • Advanced proficiency in at least one programming language (Python, Ruby, Go, Rust, JavaScript), with deep experience conducting detailed code reviews and security assessments across multiple languages
  • Hands-on experience with deploying, operating, and interpreting results from security tools such as static analyzers, web vulnerability scanners, supply chain analysis scanners, and host-based intrusion detection systems
  • Demonstrated experience mentoring, coaching and guiding junior and mid-level security engineers, contributing to a strong team culture, and supporting peer development as a senior individual contributor
  • Demonstrated proactive approach, strong continuous learning orientation, and curiosity about emerging threats, security trends, and innovative technologies
  • Extensive expertise securing cloud-native environments (AWS, Azure, GCP, containers, microservices), with in-depth knowledge of modern cloud security risks and defenses
  • Demonstrated ability to embrace being wrong, practice humility, continuously learn from experiences, and actively seek insights through thoughtful questioning and collaboration
Job Responsibility
Job Responsibility
  • Lead comprehensive application security assessments, advanced threat modeling sessions, and secure code reviews across critical product features, internal tooling, endpoints, and third-party integrations
  • Collaborate strategically with product engineering to establish and enhance secure-by-default and privacy-by-design practices within the software development lifecycle (SDLC)
  • Lead and otherwise participate in incident detection, investigation, triage, containment, and root cause analysis for high impact security incidents, providing mentorship and guidance to junior engineers as required
  • Drive the development and continuous improvement of sophisticated detection rules, response automation, and optimized alert management across cloud environments, corporate infrastructure, and SaaS platforms
  • Lead and participate in complex vulnerability remediation processes, and effectively respond to security issues discovered by both internal teams and external sources
  • Document technical findings and strategic decisions in a clear and accessible manner, and procedural enhancements
  • significantly contribute to comprehensive security playbooks and knowledge repositories
  • Manage and oversee asksecurity@ request handling, and actively participate in sprint-based security activities, balancing strategic and tactical execution
  • Actively participate in the security on-call rotation, or provide senior-level guidance as required during an event and aid in rapid response capabilities to protect our 24x7 platform and global workforce
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

Kensho is S&P Global’s hub for AI innovation and transformation. With expertise ...
Location
Location
United States , New York; Cambridge
Salary
Salary:
160000.00 - 190000.00 USD / Year
kensho.com Logo
Kensho Technologies
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Five or more years of experience as a security engineer
  • Experience securing modern web applications and distributed data infrastructure in a cross-team setting
  • Prior experience working with enterprise security technologies such as WAF, CSPM, OAuth2, and SIEM
  • Strong understanding of cryptography and current best practices
  • Experience with penetration testing tools, techniques and methodologies and understanding of common vulnerabilities and remediation strategies
  • Three or more years experience writing code in Python, Javascript, Java, or Go
  • Experience conducting or facilitating IT security audits
  • Familiarity with security models for cloud providers such as AWS, Azure and GCP
  • Familiarity with core networking concepts and standard protocols such as TCP, UDP, and HTTP
Job Responsibility
Job Responsibility
  • Implement security frameworks to ensure Kensho maintains a security envelope aligned with S&P Global standards
  • Developing and updating security plans: Planning and managing security projects and initiatives
  • Emergency response: Demonstrating excellent surveillance and emergency response skills
  • Identifying and mitigating security vulnerabilities: Perform static and dynamic vulnerability assessments and incorporate tools in the SDLC using commercial and open source tools
  • Implementing de-escalation techniques: Prioritizing training in de-escalation techniques to effectively deal with conflicts
  • Maintain a GenAI security posture: Help establish and enable a GenAI security posture at an enterprise scale and have complete oversight of the AI Accelerator Security program
  • Risk assessment and management: Spotting risky behaviors and configurations in critical infrastructure components to stop network intrusions and preempt cyberattacks
  • Auditing policies and controls continuously: Driving the cybersecurity process forward by regularly auditing the policies and controls in place
  • Building a vulnerability management program: Ensuring that people in the organization continuously check for known vulnerabilities and take appropriate steps to remediate them
  • Design and implement security controls and processes across Kensho and provide monitoring to ensure compliance
What we offer
What we offer
  • Medical, Dental, and Vision insurance
  • 100% company paid premiums
  • Unlimited Paid Time Off
  • 26 weeks of 100% paid Parental Leave (paternity and maternity)
  • 401(k) plan with 6% employer matching
  • Generous company matching on donations to non-profit charities
  • Up to $20,000 tuition assistance toward degree programs, plus up to $4,000/year for ongoing professional education such as industry conferences
  • Plentiful snacks, drinks, and regularly catered lunches
  • Dog-friendly office (CAM office)
  • Bike sharing program memberships
  • Fulltime
Read More
Arrow Right

Security Engineer, Application Security

Figure is an AI Robotics company developing a general purpose humanoid. Our huma...
Location
Location
United States , San Jose
Salary
Salary:
150000.00 - 350000.00 USD / Year
figure.ai Logo
Figure
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in several of the following application security domains: penetration testing, vulnerability research, security assessment, secure coding practices, security architecture & design, hardware security
  • Strong software engineering (not scripting or automation) skills in C/C++, Rust, Golang, Python or similar
  • Experience with securing embedded systems, including secure boot, secure identity, OTA, or others
  • Solid foundation in web security, mobile security, or cryptography
  • Ability to collaborate with internal and external stakeholders whilst prioritizing tasks and work independently under minimal supervision.
  • BS in Computer Science, Engineering, Information Systems, or equivalent years of experience in a related technical field
  • 3+ years of experience in the field of application security or related security role
  • Passion for learning and helping others
  • Excellent verbal and written communication skills, with high attention to detail
Job Responsibility
Job Responsibility
  • Conduct security assessments of applications, embedded systems, back-end services, and business integrations, as well as build tooling for a secure development lifecycle
  • Design technical solutions to mitigate security weaknesses on the robot and our service stack. Work with teams across the company to implement them.
  • Build frameworks and systems to prevent classes of vulnerabilities
  • Hunt for vulnerabilities and insecure coding patterns on our product stack (backend services and robot internal systems)
  • Be a champion for security and user privacy
  • Fulltime
Read More
Arrow Right

Security Engineer

As a Security Engineer, you’ll play a key role in shaping the security and resil...
Location
Location
France , Aix en Provence
Salary
Salary:
Not provided
voyage-prive.co.uk Logo
Voyage Privé
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5–7 years of experience in software engineering, security engineering, DevSecOps, or equivalent technical security roles
  • Strong development background (Python, Node.js, Java, Go, PhP or similar)
  • Hands-on experience with modern CI/CD systems (GitHub Actions, GitLab, Jenkins)
  • Solid understanding of cloud security principles (AWS, GCP, Azure)
  • Experience securing both virtualized systems (VMs) and containerized workloads
  • Strong knowledge of secure coding, OWASP Top 10, and application security fundamentals
  • Experience with SAST, SCA, container/IaC scanning, runtime security tools, IAM, and secrets management
  • Pragmatic, engineering-first mindset: able to balance security with developer experience, velocity, and real-world constraints
  • Excellent communication skills: able to translate complex security issues into actionable guidance for both technical and non-technical stakeholders
  • Proactive, autonomous, critical thinker with a continuous improvement mindset
Job Responsibility
Job Responsibility
  • Strengthen the security posture across products and infrastructure: secure coding practices, code reviews, threat modeling, vulnerability remediation, cloud, and network hardening
  • Develop automated security guardrails integrated into CI/CD pipelines (SAST, SCA, secrets scanning)
  • Design secure architectures for applications, APIs, data flows, and integrations in partnership with engineering teams
  • Secure hybrid environments combining virtual machines, containerized workloads, and cloud-native services, ensuring consistent security standards across the entire platform
  • Drive proactive risk identification through continuous scanning, threat modeling sessions, risk assessments, and architecture reviews
  • Enable engineering teams to build secure-by-design practices by acting as a trusted advisor, developing internal tools, and leading security awareness sessions
  • Operational security & incident readiness: participate in on-call rotations, investigate security events, and improve incident response workflows
  • Lead security improvement projects: build automation, enhance tools, optimize processes, and foster a culture of security ownership
What we offer
What we offer
  • Access our large on-site fitness center morning, noon, and night
  • Private padel court
  • Company Breaks, Carnival, Annual Convention, meetups and talks
  • Free tickets to every Provence Rugby home match and live music nights at the Dalida Institute
  • Up to 20% off our exclusive getaway offers
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy