IT Security Engineer - (Application Security)

A leading Hong Kong organisation seeks IT Security Engineer in Application Security to protect systems, partner with developers, deliver secure coding training, and promote responsible practices, with flexible work, training, and benefits.

Key responsibilities:

As an IT Security Engineer – Application Security, you will play a pivotal role in protecting the organisation’s digital assets by identifying vulnerabilities and embedding security into the software development lifecycle.

• Conduct vulnerability assessments of applications, APIs, and systems using automated tools and manual techniques
• Collaborate with developers to integrate secure design principles throughout the software development lifecycle
• Deliver workshops on secure coding practices to empower teams with application security knowledge
• Provide actionable remediation guidance for identified issues and track fixes through closure
• Stay updated on evolving security trends and contribute to improving internal processes

Candidate profile:

To excel in this role, you will bring proven expertise in application security and hands-on experience with industry-standard tools and programming languages.

• Degree in Computer Science, Information Technology, or a related field is required
• At least five years of IT experience, including three years focused on application development or testing
• Strong understanding of secure coding principles (e.g., OWASP Top 10) and hands-on experience with security tools
• Proficiency in at least one programming language (Java, Python, C#, etc.) for effective collaboration with developers
• Certifications such as OSCP or CISSP are highly regarded; familiarity with CI/CD pipelines is advantageous
• Strong communication skills in English and Cantonese; proficiency in Mandarin is an advantage

About the company:

Operating within the consumer products and industrial solutions industry, this organisation focuses on delivering practical, reliable solutions for everyday and professional use. It differentiates itself through steady innovation, efficient operations, and a strong emphasis on product quality. With a broad market presence and commitment to continuous improvement, it maintains resilience and adaptability in a competitive, fast-changing global landscape.

Keywords: application security, cybersecurity, vulnerability, OWASP, secure coding, DevSecOps, CI/CD

What's next:

If you are ready to share your expertise in application security within a collaborative environment that values growth and inclusivity, apply now!