Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
NAB

Associate, DAST & API Security Posture

NAB

Associate in DAST & API Security driving application security policies and practices at NAB Vietnam. Collaborating with development teams to enhance the security of applications and APIs.

Posted 6/19/2026full-timeHanoi • 🇻🇳 VietnamJuniorMid-LevelWebsite

Tech Stack

Tools & technologies
AWSAzureCloudCyber SecurityJavaPython

About the role

Key responsibilities & impact
  • Ensure respective policy, standards, processes and controls meet regulator and compliance expectations
  • Support meeting departmental budgets
  • Ensure controls and timely completion of findings and treatment plans
  • Ensure and drive security outcomes relating to software development and devops practices
  • Ensure and optimize dynamic application security testing tools and API security solutions
  • Ensure tools are configured correctly and operating efficiently to provide maximum protection
  • Utilize a variety of testing methodologies and tools to uncover potential threats and risks while eliminating the false positives
  • Enhance and update application dynamic testing methodologies, processes and standards documentation
  • Document and evangelize secure API design patterns
  • Build and promote code libraries for API security
  • Automate continuous security testing of APIs
  • Consult with development teams to educate and improve awareness of secure standards and practices
  • Support and champion the development of secure and reusable code across development teams to eliminate gaps identified in dynamic and API security testing
  • Develop or use tooling to identify security vulnerabilities within our web application footprint
  • Produce clear and accurate reporting for stakeholders
  • Work with Cyber Engineering & Platforms teams to expand coverage and integrate dynamic and API security testing
  • Work with Detection & Response and other Cyber Security teams to ensure critical exposures are mitigated in a timely manner
  • Extend support on remediation of dynamic application testing and API vulnerabilities discovered through scanning and security testing
  • Help manage the organization's vulnerability intake and remediation process
  • Support incident response efforts as required
  • Stay abreast of current and emerging technologies, threats and vulnerabilities, and best practice protection methods
  • Research and analyze application behaviors to improve security and stability
  • Contribute to the evolution of the organization's application security functions and services
  • Other activities as required by management

Requirements

What you’ll need
  • 3 years of experience working in a Application Security, consulting or related role
  • Delivery / execution of API security and dynamic security testing across NAB
  • Implement security controls across API Gateways
  • Stakeholder management
  • Risk management and compliance
  • Experience in securing APIs and Dynamic/Runtime security scanning
  • DevOps operating model and technologies
  • Development skills
  • Vulnerability management
  • Working experience in Cloud technologies – AWS and/or Azure
  • Hands on with coding: Scripting using Java/Python
  • Excellent verbal and written communication skills
  • Experience with security tools in SAST (static code testing), SCA (software composition analysis), CSS (container security), DAST (dynamic security testing)
  • Tertiary qualified with a Degree in Information Technology or related.
  • Having a industry leading cyber security certifications will be a plus

Benefits

Comp & perks
  • Generous compensation and benefit package
  • Attractive salary
  • 20-day paid annual leave and 7-day paid sick leave
  • 13th month salary and Annual Performance Bonus
  • Premium healthcare for yourself and family members
  • Monthly allowance for team activities
  • Premium welcome kit and occasional gifts of appreciation
  • Extra benefits on your work anniversary
  • Large scale products with modern technologies in banking domain
  • Clear roadmap for career advancement in both technical and leadership pathways
  • Access to digital learning platform such as Udemy
  • Consistent and high-quality leadership training through the Distinctive Leadership program (DLP)
  • Specialist capabilities and accreditations in key skill areas such as Cloud Engineering, Digital, Data, Security and SREs (Site reliability engineers)
  • Sponsored English course with native teachers
  • Opportunity for training in Australia
  • Hybrid working model and excellent work-life balance
  • State-of-the-art & modern Agile office
  • Food and beverages in the office pantry
  • Employee Assistance Program to improve your physical and mental health
  • Annual team activities and company events
  • A solid and talented team behind you – great people who love what they do

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
API securitydynamic security testingsecurity controlsvulnerability managementscriptingJavaPythonSASTSCADAST
Soft Skills
stakeholder managementrisk managementcommunication
Certifications
cyber security certifications