Apply Now Bangkok, Thailand About Agoda Agoda is an online travel booking platform for accommodations, flights, and more. We build and deploy cutting-edge technology that connects travelers with a global network of 4.7M hotels and holiday properties worldwide, plus flights, activities, and more. Based in Asia and part of Booking Holdings, our 7,100 employees representing 95 nationalities in 27 markets foster a work environment rich in diversity, creativity, and collaboration. We innovate through a culture of experimentation and ownership, enhancing the ability for our customers to experience the world. Our Purpose – Bridging the World Through Travel We believe travel allows people to enjoy, learn and experience more of the amazing world we live in. It brings individuals and cultures closer together, fostering empathy, understanding and happiness. We are a skillful, driven and diverse team from across the globe, united by a passion to make an impact. Harnessing our innovative technologies and strong partnerships, we aim to make travel easy and rewarding for everyone. Get to Know our Team: The Security Department oversees security, governance, risk management, and compliance, and security operations for all Agoda. We are vigilant in ensuring there is no breach or vulnerability threatening our company or endangering our employees to keep Agoda safe and protected. Given that the security ecosystem is moving forward at tremendous speed, we like to be early adaptors of recent technology and products. This would be a great challenge for those who want to work with the best technology in a dynamic and advanced environment. The Opportunity: As a Security Analyst, you will focus on identifying, analyzing, and remediating vulnerabilities across our environment. You will be hands-on with penetration testing and vulnerability management, ensuring our systems remain secure and resilient. In this Role, you’ll get to: Develop Security Automation Tools to implement solutions at scaleTriage security findings from multiple tools and work with hundreds of teams to get them remediated within the right SLAConduct security assessments through code reviews, vulnerability assessments, penetration testing and risk analysisResearch on the negative effects of a vulnerability, from minimizing the impact to altering security controls for future preventionIdentify potential threats so that the organization can protect itself from malicious hackers. This includes Vulnerability Management, Bug Bounty Program, Penetration TestingBe responsible for developing Security Trainings for developersWork with DevSecOps team in integration of tools into CI/CD, as well as fine-tune the rules and precision What you’ll Need to Succeed: 5 years in the information security field5 years of experience with Penetration Testing (Web, Infra, Mobile, APIs etc.) and Vulnerability ManagementMinimum 1 year of experience running a bug bounty platformMinimum 2years of experience with any of public/private cloud environments (Openshift, Rancher, K8s, AWS, GCP, Azure, etc.)Experience performing security testing, e.g. code review and web application security testingFamiliarity with Gitlab, Defectdojo, JIRA, ConfluenceProficient in one or more programming languages such as Python, Go, Node.js, Python etc.Familiar with analytics platform and databases such as GraphQL , REST APIs, Postgres, MSSQL, Kafka, Hadoop, S3 etcStrong knowledge of Security Assessment tools such as security scanners (Nessus, Acunetix and similar platforms) and fuzzers It’s great if you have: Knowledge in Container Image Security, Dependency Checking, Fuzzing and License ScanningFamiliarity with security incident response processes and 0-days Security CertificationsRelocation package is provided in case you prefer to relocate to Bangkok, Thailand. Our benefits are…Hybrid Working ModelWFH Set Up Allowance30 Days of Remote Working from anywhere globally every yearEmployee discount for accommodation globallyGlobal team of 90 nationalities40 offices and 25 countriesAnnual CSR / Volunteer Time offBenevity Subscription for employee donationsVolunteering opportunities globallyFree Headspace subscriptionFree Odilo & Udemy subscriptionsAccess to Employee Assistance Program (third party for personal and workplace support)Enhanced Parental LeaveLife, TPD & Accident Insurance sanfrancisco sanjose losangeles sandiego oakland denver miami orlando atlanta chicago boston detroit newyork portland philadelphia dallas houston austin seattle sydney melbourne perth toronto vancouver montreal shanghai beijing shenzhen prague Brno Ostrava cairo alexandria giza estonia paris berlin munich hamburg stuttgart cologne frankfurt dusseldorf dortmund essen Bremen leipzig dresden hanover nuremberg athens hongkong budapest jakarta bali dublin telaviv jerusalem milan rome venice florence naples turin palermo bologna tokyo osaka yokohama nagoya okinawa fukuoka sapporo kualalumpur malta amsterdam oslo manila warsaw krakow bucharest doha alrayyan moscow saintpetersburg riyadh jeddah mecca medina singapore capetown johannesburg seoul barcelona madrid stockholm zurich taipei tainan taichung kaohsiung bangkok Phuket istanbul dubai abudhabi sharjah london manchester edinburgh kiev hcmc hanoi amsterdam bucharest lodz wroclaw poznan katowice rio salvador newdelhi Hyderabad bangalore Mumbai Bengaluru Chennai Kolkata Lucknow bandung yokohama nagoya okinawa fukuoka IT 4 Equal Opportunity Employer At Agoda, we pride ourselves on being a company represented by people of all different backgrounds and orientations. We prioritize attracting diverse talent and cultivating an inclusive environment that encourages collaboration and innovation. Employment at Agoda is based solely on a person’s merit and qualifications. We are committed to providing equal employment opportunity regardless of sex, age, race, color, national origin, religion, marital status, pregnancy, sexual orientation, gender identity, disability, citizenship, veteran or military status, and other legally protected characteristics. We will keep your application on file so that we can consider you for future vacancies and you can always ask to have your details removed from the file. For more details please read our privacy policy. Disclaimer We do not accept any terms or conditions, nor do we recognize any agency’s representation of a candidate, from unsolicited third-party or agency submissions. If we receive unsolicited or speculative CVs, we reserve the right to contact and hire the candidate directly without any obligation to pay a recruitment fee. Copy Link Line WeChat LinkedIn Email
