Senior Application Security Engineer (Bangkok based, relocation provided)

Senior Application Security Engineer (Bangkok based, relocation provided)

Join Agoda as a Senior Application Security Engineer based in Bangkok with relocation support. This role sits in the Security Department, which oversees security, compliance, GRC, and security operations for all Agoda.

• Play a lead role in developing and designing application-level security controls and standards.
• Perform application security design reviews against new products and services.
• Track and prioritize all security issues.
• Build internal security tools that help fix security problems at scale.
• Perform code review and drive remediation of discovered issues.
• Enable automated security testing at scale to measure vulnerability, and report on risk across all microservice, web and mobile platforms.
• Execute security tests on thousands of servers spread across on-premise and public cloud data centers.

• Strong foundations in software engineering.
• Minimum of 7 years of technical experience with any combination of: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security.
• Minimum 2 years of experience with Software Development Life Cycle in one or more languages (Rust, Python, Go, Node.js, etc.).
• Minimum 1 year of experience with public / private cloud environments (OpenShift, Rancher, Kubernetes, AWS, GCP, Azure, etc.).
• Experience in running assessments using OWASP MASVS and ASVS.
• Working knowledge of exploiting and fixing application vulnerabilities.
• Strong background in threat modeling.
• In-depth knowledge of common web application vulnerabilities (e.g., OWASP Top 10).
• Familiarity with automated dynamic scanners, fuzzers, and proxy tools.
• Analytical problem-solving skills, abstract thinking, and offensive security tactics.
• Excellent verbal and written communication skills to convey technical concepts to diverse audiences.
• Relocation package provided for moving to Bangkok, Thailand.
• Hybrid working model; WFH setup allowance; 30 days remote working from anywhere globally each year.

About Agoda: Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with a global network of hotels and holiday properties worldwide, plus flights, activities, and more. We innovate through a culture of experimentation and ownership, enhancing the customer experience.

Equal Opportunity Employer: Agoda is committed to equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, or other legally protected characteristics. We will keep your application on file unless you request removal, and you can read our privacy policy for more details.

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Information Technology
• Industries: Technology, Information and Internet