Ref. No. a0MP9000009yn2HMAQ
- Azure - Security
Description
Responsibilities
Conduct manual and automated security testing on applications, APIs, and related systems.
Identify and analyze vulnerabilities using DAST/SAST tools (e.g. Burp Suite, OWASP ZAP, SonarQube) and manual techniques.
Perform root cause analysis, validate remediation, and track closure of findings.
Work closely with development teams to review code, assess secure designs, and embed security into the SDLC.
Provide practical remediation guidance aligned with OWASP Top 10, CWE, and CVSS.
Educate developers through workshops, documentation, and coaching.
Requirements
Degree in Computer Science / IT or related field.
5+ years of IT experience, with 3+ years in application development or testing.
Strong knowledge of secure coding, application architectures (web, API, cloud), and common vulnerabilities.
Hands-on experience with application security testing tools and secure code reviews.
Familiar with CI/CD, DevSecOps, and agile development.
Proficiency in at least one programming language (Java, Python, or C#).
Strong communication and stakeholder engagement skills.
Fluent in Cantonese and English; Mandarin is a plus.
Relevant certifications (e.g. OSCP, CISSP, GIAC) are an advantage.
Willingness to travel occasionally within China / Asia.