Senior Application Security ManagerSingapore
Life at Grab
At Grab, every Grabber is guided by The Grab Way, which spells out our mission, how we believe we can achieve it, and our operating principles - the 4Hs: Heart, Hunger, Honour and Humility. These principles guide and help us make decisions as we work to create economic empowerment for the people of Southeast Asia.
Get to know the Team
The Grab’s Application Security team is part of the Cyber Security team at Grab, and we focus on keeping our application and data safe while adapting to the high-speed growth of our business.
We are the team who focus on exploring and using advanced techniques to detect, mitigate, and remediate vulnerabilities and security flaws in Grab. If you are looking for an environment where you could continuously learn and grow, then you should join our team!
Get to know the Role
We are looking for someone who is passionate about exploring new technologies (i.e. LLM) and methodologies to elevate and redefine a new generation of Application Security function.
This role will report into the Head of Application Security; with a focus in coaching and mentoring a team of security engineers responsible for Application Security of apps and services in the areas of threat modeling, specification reviews, code reviews, and penetration testing. We believe a successful candidate has excellent communication skills, creative problem solving ability, and a strong passion in cybersecurity, but if you believe you have what it takes then we’d love to hear from you either way. This role is required because we care about our Grab’s mission and we would like someone who is outstanding to perform code review and organize penetration testing and possible red teaming for various systems at Grab.
The Day-to-Day Activities
You lead a team of security engineers responsible for Application Security of Grab Financial Group apps and services, Grab Passenger app, Grab Driver app, Grab Merchant app and its services - threat modeling, specification reviews, code reviews, and penetration testing
You engage with Cyber Security leadership to define and execute application security strategy. Build a vision to transform the Application Security mindset at Grab into a self-governing mode
You ensure stakeholder management is optimal to create a positive impact and building trust
You lead initiatives to improve the application security posture of Grab services to an increasing baseline
You engage with external vendors to facilitate third party security attestations needed to satisfy regulatory requirements
You engage with other Cyber Security verticals to streamline the processes and remove gaps to better support Grab’s business needs, meet security industry standards and data protection regulations
You have Heart, Hunger, Honour and Humility
10+ years of security industry experience utilizing web/mobile application security and knowledge of the security/threat landscape.
Working experience with cloud technologies such as AWS and Azure.
Strong understanding of defense in-depth methodologies.
Ability to develop technical solutions and use existing tools to help discover and mitigate security vulnerabilities
Ability to code or script in at least one programming language like Python, Java, GoLang, C++.
Excellent knowledge of pen-testing tools and procedures for Web/Mobile
Passionate about exploring new technologies i.e. LLM, AR etc
We are committed to building diverse teams and creating an inclusive workplace that enables all Grabbers to perform at their best, regardless of nationality, ethnicity, religion, age, gender identity or sexual orientation and other attributes that make each Grabber unique.
Follow us and keep updated!
Grab is an equal opportunity employer. We owe our success to the talents of our globally-diverse team and the varying perspectives they add to our thriving community.
Grab does not accept unsolicited resumes sent by recruiting agencies. Please do not forward resumes to our job postings, Grab employees or other parts of the business. Grab will not be liable to pay any fees to agencies for candidates hired as a result of unrequested resumes.