SALMON ROBOTICS LIMITED
11 - 50 employees
đł Fintech
đŚ Banking
đĽ B2C
Fintech ⢠Banking ⢠B2C
SALMON ROBOTICS LIMITED is a financial technology company building digital banking and consumer finance services in the Philippines under the Salmon Group and Salmon Bank brands. Backed by experienced finance and tech leaders and international investors, it operates a licensed rural bank, offers deposit products, consumer lending, payment and QR solutions, and deploys AI and data analytics to improve security, customer experience, and inclusivity. The company emphasizes customer care, intuitive product design, partnerships with retailers and payment networks, and 24x365 dependable service to expand access to modern financial services for millions of Filipinos.
Application Security Engineer
Job not on LinkedIn
đĽ 0 minutes ago
đ Check your resume score for this job
Improve your chances of getting an interview by checking your resume score before you apply.
SALMON ROBOTICS LIMITED
11 - 50 employees
đł Fintech
đŚ Banking
đĽ B2C
Fintech ⢠Banking ⢠B2C
SALMON ROBOTICS LIMITED is a financial technology company building digital banking and consumer finance services in the Philippines under the Salmon Group and Salmon Bank brands. Backed by experienced finance and tech leaders and international investors, it operates a licensed rural bank, offers deposit products, consumer lending, payment and QR solutions, and deploys AI and data analytics to improve security, customer experience, and inclusivity. The company emphasizes customer care, intuitive product design, partnerships with retailers and payment networks, and 24x365 dependable service to expand access to modern financial services for millions of Filipinos.
đ Description
⢠You'll own application security across our mobile banking platform, payments stack, and a growing set of regulated products ⢠Conduct a threat modeling, security reviews, CI/CD tooling - with real process ownership ⢠Report to the Group CISO and work closely with both our engineering teams and the Bank IS function ⢠Identify which systems, data flows, and product changes carry the highest real-world risk and build your work around that ⢠Decide when a security gate is worth slowing down a release and when it isn't ⢠Maintain a risk register for application-layer exposures ⢠Figure out where in our delivery process security decisions are actually being made and put controls there ⢠Run threat modeling for high-stakes product changes before design is locked ⢠Build a mobile security testing baseline that the team runs themselves ⢠Assess what the current pipeline actually catches versus what it produces as noise, and fix the ratio before adding more scanners ⢠Own supply chain posture and many additional responsibilities related to security and compliance
đŻ Requirements
⢠7+ years in application security, with meaningful ownership over both technical work and process ⢠Has built or substantially improved a secure SDLC in a fast-moving product org ⢠Has run threat modeling on real product features and influenced design decisions as a result ⢠Has owned vulnerability management end-to-end: triage, remediation tracking, SLA management, risk acceptance ⢠Has done hands-on mobile security testing (iOS and/or Android) in a production context, not just UAT ⢠Understands modern supply chain attack vectors like compromised packages (npm, PyPI), malicious IDE plugins, typosquatting, dependency confusion - and knows how to reduce exposure at the tooling and process level ⢠Comfortable writing Python or Bash to automate repetitive security work ⢠Strong written English; most day-to-day alignment is async ⢠Can explain a security issue clearly to an engineer and summarize the same issue for a non-technical stakeholder.
đď¸ Benefits
⢠Work from anywhere ⢠Flexibility in work arrangements ⢠Paid time off ⢠Professional development opportunities
Apply Now
