Kerja Sepenuh Masa, Lead Application Security Engineer di Encora Inc. Federal Territory - Maukerja

Key Responsibilities:

• Threat Modeling: Lead design reviews for new banking features (Payments, Transfers,
  
  

KYC). Identify logic flaws before code is written.

• Pipeline Automation: Architect and maintain the SAST/DAST/SCA tooling in the CI/CD
  
  

pipeline (e.g., SonarQube, Snyk, GitLab CI) to block vulnerabilities automatically.

• Code Review: Perform manual code audits on high-risk components (Authentication,
  
  

Ledger logic) in Java, Kotlin, or Swift.

• Cloud & AI Patterns: Deliver API, container, cloud, and AI security design patterns.
  
  

Ensure that developers have "paved roads" (secure templates) for deploying

microservices and AI models.

• Culture: Act as a mentor to the development team, running secure coding workshops and
  
  

championing a "Security Champion" program.

Technical Requirements:

• 5+ years in Application Security with a background in Software Development.
• Proficiency in at least one core language: Java (Spring Boot), Node.js, or Go.
• Deep understanding of OWASP Top 10 and SANS Top 25.
• Experience with CI/CD integration (Jenkins, GitHub Actions).
• Bonus: Experience in Fintech or Banking.