Application Security Engineer | SAST/DAST/SCA | Hybrid | Weekends Off

Drive Application Security Through SAST, DAST, and SCA

This role is designed for professionals with hands-on AppSec or DevSecOps experience who understand how to identify vulnerabilities before production and partner with engineering teams to strengthen secure development practices. Grow your expertise in a role that combines automation, security innovation, and meaningful technical impact-supported by Emapta's award-winning culture, global opportunities, and long-term career growth.

Job Overview

Work setup: Hybrid, Makati

• Competitive salary package
• Hybrid work arrangement
• HMO coverage with free dependent upon regularization
• Prime office location in Makati (Easy access to MRT stations, restaurants, and banks)
• Day shift schedule
• Fixed weekends off
• Salary Advance Program through our banking partner (Eligibility and approval subject to bank assessment. Available to account holders with minimum of 6 months company tenure.)
• Unlimited upskilling through Emapta Academy courses
• Free 24/7 access to our office gyms (Ortigas and Makati) with a free physical fitness trainer
• Exclusive Emapta Lifestyle perks (hotel and restaurant discounts, and more!)
• Unlimited opportunities for employee referral incentives across the organization
• Standard government and Emapta benefits
• Total of 20 annual leaves to be used on your own discretion (including 5 credits convertible to cash)
• Fun engagement activities for employees
• Mentorship and exposure to global leaders and teams
• Career growth opportunities
• Diverse and supportive work environment

• Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience
• Minimum 3 years of hands-on experience in application security, secure coding, or DevSecOps roles
• Proven experience integrating SAST, DAST, and SCA tools into CI/CD pipelines
• Strong background in application security, with direct exposure to secure software development and vulnerability management
• Practical experience using SAST tools such as SonarQube, Fortify, or Checkmarx
• Practical experience using DAST tools such as OWASP ZAP or Burp Suite
• Practical experience using SCA tools such as Snyk, WhiteSource, or OWASP Dependency-Check
• Solid understanding of CI/CD platforms such as GitLab CI, Azure DevOps, or Jenkins
• Strong knowledge of OWASP Top 10, common application vulnerabilities, and application attack vectors
• Familiarity with secure coding practices in JavaScript, Python, .NET, or Java
• Experience with infrastructure-as-code security and container security, including Docker and Kubernetes
• Working knowledge of REST API security and authentication standards such as OAuth, SAML, and OpenID

Your Daily Tasks

• Integrate security controls and automated checks into the CI/CD pipeline to support a secure SDLC
• Lead and conduct security testing for all application releases, including manual code reviews when required
• Build, manage, and maintain DevSecOps tool integrations and automation scripts
• Evaluate and implement open-source or commercial AppSec tools to strengthen the pipeline

• Perform Static Application Security Testing (SAST)
• Perform Dynamic Application Security Testing (DAST)
• Conduct Software Composition Analysis (SCA)

• Assist with threat modeling and security design reviews for all in-house applications
• Maintain a risk-based prioritization matrix for identified application vulnerabilities

• Define and enforce secure coding standards and best practices across internal development teams
• Support audit and compliance reporting related to application security (SOC 2, ISO 27001, PCI-DSS)

• Work closely with developers and DevOps teams to embed security into application design, development, and deployment
• Coordinate vulnerability management and remediation tracking related to application flaws
• Collaborate with the Release Manager to enforce security gate checks before production deployment

• Perform administrative or non-administrative duties as assigned by the Company's representatives through written or verbal instruction

Join the Top 1% Talent. A better career. A better life.

At Emapta, recognized as one of HR Asia's Best Companies to Work For in Asia 2025 and a finalist in 2026 Inspiring Workplaces Awards Asia, you'll build a career in an environment designed for growth, trust, and long-term success. With a strong culture rooted in care, inclusion, and accountability, every role contributes to delivering world-class outcomes.

Be part of a team that powers global partnerships: spanning 20 offices across 11 countries and supporting 1,000+ clients. Whether in HR, IT, Recruitment, Finance, Marketing, or Facilities, your work drives real impact behind the scenes.

At Emapta, you're part of a community of 11,000+ professionals building meaningful careers with purpose.

• Tim Vorbach, CEO

Apply now and be part of the #EmaptaEra.