Hong Kong, Hong Kong, Hong Kong

Futu US Inc. is hiring a Security Engineer

About the Role

Role Overview

This position is responsible for embedding security into every stage of software development, from initial design to pre-release validation. You will ensure that security is a foundational element in product development by applying structured processes and technical expertise.

Key Responsibilities

Evaluate product security at each phase of development, including requirements gathering, architecture design, and testing prior to launch.
Create and enforce security standards that span the full software lifecycle, covering threat modeling, secure coding practices, code reviews, and penetration testing.
Build and maintain security controls within the development pipeline to ensure consistent enforcement of policies.
Monitor and manage identified vulnerabilities across development stages, generate risk assessments, and lead remediation efforts to resolution.

Required Qualifications

Hold a Bachelor’s degree or higher in Computer Science, Information Security, or a related discipline.
Demonstrate knowledge of blockchain technology and its security implications.
Possess a working understanding of Security Development Lifecycle (SDL) frameworks.
Have strong programming skills in languages such as C++ or Go, with experience in analyzing code for security flaws.
Provide actionable feedback to engineering teams for addressing issues detected through static and dynamic analysis tools.
Be proficient with DevSecOps tools including SAST, DAST, IAST, container security, and Software Composition Analysis (SCA).
Have hands-on experience with security scanners like Fortify, Checkmarx, Coverity, AppScan, Black Duck, and WebInspect.
Understand common attack vectors such as SQL Injection, XSS, and CSRF, and be skilled in using tools like OWASP ZAP, Burp Suite, and Wireshark for testing.
Show competence in analyzing vulnerabilities and guiding effective fixes.

Preferred Background

Practical involvement in threat modeling, code audits, or penetration testing engagements.
Prior internship or project experience applying SDL practices in a financial services environment.

Required Skills

C++GoSASTDASTIASTFortifyCheckmarxCoverityAppScanBlack DuckSecurity SDLThreat ModelingCode AuditingPenetration TestingVulnerability Remediation C++GoSASTDASTIASTFortifyCheckmarxCoverityAppScanBlack DuckSecurity SDLThreat ModelingCode AuditingPenetration TestingVulnerability Remediation

Starting a business in Thailand?

Company registration done right

Foreign ownership rules, licenses, tax registration — Thai business setup has many moving parts. SVBL guides you through every step with full legal compliance.

Company registration & structure

Foreign ownership solutions

License & tax registration

BOI promotion eligibility

Start your business

100% foreign ownership possible

About company

Futu US Inc. stands at the forefront of financial services, housing two SEC registered broker-dealers alongside a cryptocurrency brokerage — all operating under the reputable wing of Futu Holdings Limited (Nasdaq: FUTU). Our core mission revolves around innovating the investing landscape through a digitized brokerage and wealth management platform.

All jobs at Futu US Inc. Visit website

Job Details

Department Information Technology

Category security

Posted 2 months ago