Aligned with the evolution of the media landscape and our ambition to be a relentless creator of quality content and experiences, our brand refresh is yet another milestone for SPH Media. Our transformation journey started in 2022, on digitalisation, audience engagement and talent development. Throughout the journey, it remained steadfast in its mission to be the trusted source of news on Singapore and Asia. The refreshed brand stands for the importance of giving a voice to Singapore, while inspiring conversations and providing quality content that impact the lives of our audiences. We offer a varied portfolio of over 40 media brands ranging across news publications, lifestyle brands, and radio stations. We are relentless in our commitment to creating meaningful experiences that resonate deeply with our audiences.
As an Intern Application Security Engineer, you will be responsible for application security activities, working closely with SPH Media’s application development teams. This includes tools and practices on:
(1) Static Application Security Testing (SAST), which focuses on web and mobile application source codes written by developers
(2) Software Composition Analysis (SCA), which focuses on open source libraries and other dependencies used by web and mobile applications
(3) Dynamic Application Security Testing (DAST), which focuses on automatically simulating attacks to find vulnerabilities on running application instances
(4) Penetration Testing, which focuses on more specialised and manual attacks to find vulnerabilities on running application instances
Your responsibilities will include:
- Scan SPH Media’s web and mobile applications using our standard tools. This can be done either on-demand or set up with continuous integration (CI).
- Conduct penetration testing for SPH Media’s web and mobile applications
- Work closely with development team members to assess scan results to clear false positives
- Provide recommendations to fix vulnerabilities detected by the application security tools and penetration tests
- Extract report data from the different tools and collate for monthly reporting
- Aid the team to integrate application security tools with other internal services such as ticketing systems.
Qualifications:
- Has educational background in the area of application security, having security-related certifications is a plus
- Experience in coding applications and has familiarity with application software development processes, either web or mobile. Having knowledge in Java and PHP is a plus.
- Experience in application security tools for SAST, SCA and DAST. Having knowledge in Fortify, NexusIQ and BurpSuite is a plus.
- Familiarity with source code management and continuous integration. Having knowledge in GitHub is a plus
- Excellent communication skills and eagerness to learn new technologies.
Kindly note that only shortlisted candidates will be notified.
Related Company Review:
Related Job Searches:
- Company:
SPH Media Limited - Designation:
Application Security Engineer Intern - Profession:
Engineering - Industry:
Creative / Media - Location:
Toa Payoh