Jan
6
January 6, 2026 | Comments Off on Application Security Engineer (SAST/DAST) | Hybrid | Day Shift
A global career ecosystem built around people, not just roles At
Emapta Philippines, we don't just connect talent to global opportunities-we build careers that last. As a global outsourcing partner, we work with international clients across industries while keeping our people firmly supported at home. Our culture is rooted in trust, collaboration, and long-term growth, giving professionals the freedom to thrive, learn, and make meaningful contributions every day. Here, you're encouraged to grow beyond your job description, work with world-class teams, and shape a career that aligns with both your ambitions and your life.
Job Description As an
Application Security Engineer, you will embed security into the SDLC by leading SAST, DAST, and SCA initiatives, integrating controls into CI/CD pipelines, and partnering with developers to identify, prioritize, and remediate application risks before production.
Job Overview Employment type: Full-time
Shift: Day shift | Weekends off
Work setup: Hybrid, Makati
Exciting Perks Await!
Competitive salary package
Hybrid work arrangement
HMO coverage with free dependent upon regularization
Prime office location in Makati (Easy access to MRT stations, restaurants, and banks)
Day shift schedule
Fixed weekends off
Salary Advance Program through our banking partner (Eligibility and approval subject to bank assessment. Available to account holders with minimum of 6 months company tenure.)
Unlimited upskilling through Emapta Academy courses
Free 24/7 access to our office gyms (Ortigas and Makati) with a free physical fitness trainer
Exclusive Emapta Lifestyle perks (hotel and restaurant discounts, and more!)
Unlimited opportunities for employee referral incentives across the organization
Standard government and Emapta benefits
Total of 20 annual leaves to be used on your own discretion (including 5 credits convertible to cash)
Fun engagement activities for employees
Mentorship and exposure to global leaders and teams
Career growth opportunities
Diverse and supportive work environment
The Qualifications We Seek Education
Bachelor's degree in Computer Science, Cybersecurity, or a related field (or equivalent experience)
Experience
Minimum of 3 years of experience in application security, secure coding, or DevSecOps roles
Knowledge and Skills
Solid understanding of CI/CD tools (e.g., GitLab CI, Azure DevOps, Jenkins)
Hands-on experience with security testing tools, including:
SAST (e.g., SonarQube, Fortify, Checkmarx)
DAST (e.g., OWASP ZAP, Burp Suite)
SCA (e.g., Snyk, WhiteSource, OWASP Dependency-Check)
Strong knowledge of OWASP Top 10 and common application attack vectors
Familiarity with secure coding practices in JavaScript, Python, .NET, or Java
Experience with infrastructure-as-code security and container security (Docker, Kubernetes)
Working knowledge of REST API security and authentication standards (OAuth, SAML, OpenID)
Your Daily Tasks Security Testing & Assessment
Integrate security controls and automated checks into the CI/CD pipeline to support a secure SDLC
Lead and conduct security testing for all application releases, including manual code reviews when required
Build, manage, and maintain DevSecOps tool integrations and automation scripts
Evaluate and implement open-source or commercial AppSec tools to strengthen the pipeline
Secure Software Development Lifecycle (SSDLC)
Perform Static Application Security Testing (SAST)
Perform Dynamic Application Security Testing (DAST)
Conduct Software Composition Analysis (SCA)
Risk Assessment & Threat Modeling
Assist with threat modeling and security design reviews for all in-house applications
Maintain a risk-based prioritization matrix for identified application vulnerabilities
Compliance & Standards
Define and enforce secure coding standards and best practices across internal development teams
Support audit and compliance reporting related to application security (SOC 2, ISO 27001, PCI-DSS)
Collaboration and Education
Work closely with developers and DevOps teams to embed security into application design, development, and deployment
Coordinate vulnerability management and remediation tracking related to application flaws
Collaborate with the Release Manager to enforce security gate checks before production deployment
Other Responsibilities
Perform administrative or non-administrative duties as assigned by the Company's representatives through written or verbal instruction
Why We Stand Out Among the Rest! Join Emapta, recognized as
one of the Top 20 Dream Companies for Filipinos in 2024. With a 50/50 gender ratio and a culture rooted in care and empathy, you'll feel valued from day one. We're committed to growing talent and setting you up for success.
Be part of a team that showcases Filipino excellence to the world. With 20 offices across 11 countries and 1,000+ clients, you'll create real impact every day-whether you work from home or on-site. Our 100% virtual recruitment process makes it easy to get started.
At Emapta, you're not just joining a company-you're becoming part of a thriving community of 10,000+ professionals growing careers with purpose. And behind every partnership we build is a deep respect for people and the impact they make.
"We place integrity at the heart of everything we do and truly value the human experience. That's why, for clients, it's a profound and transformational process that gives them the opportunity to achieve the business growth they desire."
Tim Vorbach, CEO #EmaptaEra