Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Conduct application security reviews and perform penetration testing to protect our systems.
- Company: Join Agoda, a leading online travel booking platform with a diverse and creative culture.
- Benefits: Enjoy a hybrid working model, global employee discounts, and generous remote work options.
- Why this job: Make a real impact on security while working with cutting-edge technology in Bangkok.
- Qualifications: 3+ years in application security, strong coding skills, and knowledge of cloud environments.
- Other info: Relocation package provided; thrive in a dynamic environment with global opportunities.
The predicted salary is between 43200 - 72000 £ per year.
Senior/Staff Application Security Engineer (Bangkok based, relocation provided)
About Agoda: Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with a global network of hotels, flights, activities, and more. We are headquartered in Asia and part of Booking Holdings, with 7,100+ employees representing 95+ nationalities in 27 markets, fostering a diverse, creative, and collaborative work environment. We innovate through a culture of experimentation and ownership to enhance the travel experience for our customers.
The Opportunity / Role Summary
The Security Department oversees security, compliance, GRC, and security operations for all Agoda. We are vigilant in ensuring there is no breach or vulnerability threatening our company or endangering our employees. This role offers a great challenge for those who want to work with best-in-class technology in a dynamic environment.
- Conduct application security reviews and perform penetration testing, ensuring alignment with compliance standards.
- Engage in projects, research, and security tool development to enhance security measures and meet compliance requirements.
- Scale security processes using automation.
- Provide training, outreach, and develop documentation to guide security practices among internal teams.
- Offer technical guidance, advocate for automation, evaluate designs, and lead our security teams to empower engineering partners with cutting-edge tools, techniques, and methodologies to naturally build secure products.
What you\’ll Need to Succeed / Role Requirements
- Strong foundations in secure design reviews, threat modeling experience, code reviews, pen-testing
- Minimum of 3 years of technical experience with any combination of threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security.
- Minimum 2 years experience with Software Development Life Cycle in one or more languages (Go, Python, Nodejs, Rust, etc.)
- Experience with public/private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.)
- In-depth knowledge of security principles, compliance regulations, and change management.
- Experience in running assessments using OWASP MASVS and ASVS.
- Working knowledge on exploiting and fixing application vulnerabilities.
- Proven expertise in architectural threat modeling and conducting secure design reviews.
- In-depth knowledge of common web application vulnerabilities (i.e. OWASP Top 10 or SANS top 25).
- Familiarity with automated dynamic scanners, fuzzers, and proxy tools.
- An analytical mind for problem solving, abstract thought, and offensive security tactics.
- Highly effective communication skills, in both verbal and written forms, to effectively convey technical and non-technical concepts to a wide variety of audiences.
- Exposure to advanced AI and Large Language Model (LLM) security
- Relocation package is provided in case you prefer to relocate to Bangkok, Thailand. Our benefits are…
- Hybrid Working Model
- WFH Set Up Allowance
- 30 Days of Remote Working from anywhere globally every year
- Employee discount for accommodation globally
- Global team of 90+ nationalities
- 40+ offices and 25+ countries
- Annual CSR / Volunteer Time off
- Benevity Subscription for employee donations
- Volunteering opportunities globally
- Free Headspace subscription
- Free Odilo & Udemy subscriptions
- Access to Employee Assistance Program (third party for personal and workplace support)
- Enhanced Parental Leave
- Life, TPD & Accident Insurance
Equal Opportunity Employer
At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics.
We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy.
Disclaimer
We do not accept any terms or conditions, nor do we recognize any agency’s representation of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee.
#J-18808-Ljbffr
Senior/Staff Application Security Engineer (Bangkok based, relocation provided) employer: Agoda
Contact Detail:
Agoda Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior/Staff Application Security Engineer (Bangkok based, relocation provided)
✨Tip Number 1
Network like a pro! Reach out to current employees at Agoda on LinkedIn or other platforms. Ask them about their experiences and any tips they might have for landing a role in the security team.
✨Tip Number 2
Show off your skills! Prepare a portfolio of your past projects, especially those related to application security. This will give you a chance to demonstrate your expertise during interviews.
✨Tip Number 3
Practice makes perfect! Brush up on your technical skills by doing mock interviews or coding challenges. This will help you feel more confident when discussing your experience with secure design reviews and penetration testing.
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets noticed. Plus, it shows you’re genuinely interested in joining the Agoda team and contributing to our mission.
We think you need these skills to ace Senior/Staff Application Security Engineer (Bangkok based, relocation provided)
Some tips for your application 🫡
Tailor Your CV: Make sure your CV reflects the skills and experiences that align with the Senior/Staff Application Security Engineer role. Highlight your experience in secure design reviews, threat modelling, and any relevant technologies you've worked with.
Craft a Compelling Cover Letter: Use your cover letter to tell us why you're passionate about application security and how your background makes you a great fit for Agoda. Be sure to mention specific projects or achievements that showcase your expertise.
Showcase Your Technical Skills: In your application, don't shy away from detailing your technical skills. Mention your experience with cloud environments, coding languages, and any tools you've used for penetration testing or vulnerability assessments.
Apply Through Our Website: We encourage you to apply directly through our website. This ensures your application gets to the right people and helps us keep track of all candidates efficiently. Plus, it’s super easy!
How to prepare for a job interview at Agoda
✨Know Your Stuff
Make sure you brush up on your knowledge of secure design reviews, threat modelling, and the OWASP Top 10 vulnerabilities. Being able to discuss these topics confidently will show that you're not just familiar with the theory but can apply it in real-world scenarios.
✨Showcase Your Experience
Prepare specific examples from your past work where you've conducted application security reviews or performed penetration testing. Use the STAR method (Situation, Task, Action, Result) to structure your answers and highlight your impact.
✨Get Familiar with Their Tech Stack
Agoda uses a variety of technologies, so if you have experience with Go, Python, or cloud environments like AWS or GCP, be ready to discuss how you've used them in your previous roles. This will demonstrate your adaptability and technical prowess.
✨Communicate Clearly
Since you'll need to convey complex security concepts to both technical and non-technical audiences, practice explaining your ideas clearly and concisely. Consider doing mock interviews with friends or colleagues to refine your communication skills.
