Senior/Staff Application Security Engineer (Bangkok based, relocation provided)

• Engage in projects, research, and security tool development to enhance security measures and meet compliance requirements. * Scale security processes using automation. * Provide training, outreach, and develop documentation to guide security practices among internal teams. * Offer technical guidance, advocate for automation, evaluate designs, and lead our security teams to empower engineering partners with cutting-edge tools, techniques, and methodologies to naturally build secure products. Qualifications * Strong foundations in secure design reviews, threat modeling experience, code reviews, pen-testing. * Minimum of 3 years of technical experience with any combination of threat modeling, secure coding, identity management, authentication, software development, cryptography, system administration, network security. * Minimum 2 years experience with Software Development Life Cycle in one or more languages (Go, Python, Nodejs, Rust, etc.). * Experience with public/private cloud

environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.). * In-depth knowledge of security principles, compliance regulations, and change management. * Experience in running assessments using OWASP MASVS and ASVS. * Working knowledge on exploiting and fixing application vulnerabilities. * Proven expertise in architectural threat modeling and conducting secure design reviews. * In-depth knowledge of common web application vulnerabilities (e.g., OWASP Top 10 or SANS Top 25). * Familiarity with automated dynamic scanners, fuzzers, and proxy tools. * An analytical mind for problem-solving, abstract thought, and offensive security tactics. * Highly effective communication skills, in both verbal and written forms, to effectively convey technical and non-technical concepts to a wide variety of audiences. * Exposure to advanced AI and Large Language Model (LLM) security. Benefits * Relocation package provided if you prefer to relocate to Bangkok, Thailand. *

Hybrid Working Model. * WFH Setup Allowance. * 30 Days of Remote Working from anywhere globally every year. * Employee discount for accommodation globally. * Global team of 90+ nationalities. * 40+ offices and 25+ countries. * Annual CSR / Volunteer Time off. * Benevity Subscription for employee donations. * Volunteering opportunities globally. * Free Headspace subscription. * Free Odilo & Udemy subscriptions. * Access to Employee Assistance Program (third party for personal and workplace support). * Enhanced Parental Leave. * Life, TPD & Accident Insurance. Equal Opportunity Employer At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person's merit and qualifications. We are committed to providing equal

Senior/Staff Application Security Engineer (Bangkok based, relocation provided) At Agoda, we bridge the world through travel. Our story began in 2005, when two lifelong friends and entrepreneurs, driven by their passion for travel, launched Agoda to make it easier for everyone to explore the world. Today, we are part of Booking Holdings [NASDAQ: BKNG], with a diverse team of over 7,000 people from 90 countries, working together in offices around the globe. Get to Know our Team: The Security Department oversees security, compliance, GRC, and security operations for all Agoda. We are vigilant in ensuring there is no breach or vulnerability threatening our company or endangering our employees in order to keep Agoda safe and protected. This would be a great challenge for those who want to work with the best technology in a dynamic and advanced environment. Responsibilities * Conduct application security reviews and perform penetration testing, ensuring alignment with compliance standards.