Application Security Engineer

2020.01.01 Taiwan

[Job Description]

Application security is a very important part in LINE’s service development. Application security engineers are in charge of the security design of LINE services. They are involved in service architecture design, security module development, and application security review. Application security engineers must be able to perform application security review based on both whitebox and blackbox security testing. 

They are also in charge of compiling secure development guidelines for R&D departments, in order to ensure our services are secure and reliable. System security architecture, secure code review, and penetration testing skills are mandatory for this position. 

In addition, the application security team is responsible for research, development, and deployment of new security technologies, such as machine learning, biometric authentication, blockchain technologies, IoT security, and encryption module design. Security engineers can do research related to their respective projects or choose to work with the global security team on universally applicable technologies. 

Perform risk assessment for family services

- Perform blackbox and whitebox security assessment for family services. 

- Review technical design and provide suggestions to improve the system security.

Co-work with global teams to deal with the application security issues. 


- Analyze account abusing with global anti-abusing team. 

- Deal with service abusing cases. 

- Help to improve the anti-abusing system. 

- Candidate have to perform at least one of the major jobs mentioned above.


Required Skills and Qualifications 

- Must be familiar with both attack and protection best practices of OWASP TOP 10. 

- Must be familiar with Web service security and authentication protocols, such as, OAuth 2.0, WebAuth SAML, and TLS. 

- Must be familiar with contemporary encryption technologies, protocols, and algorithms. 

- Should be able to write and review Java and Python applications. 

- Fluent in English. 

Preferred Skills and Qualifications 

- Familiar data analysis tools, such as ELK and Hadoop. 

- Familiar with modern vulnerability scan tools, such AppScan, WebInspect, BurpSuite and etc. 

- Familiar about code review tools, such as Fortify and CheckMarx. 

- Japanese or Korean language skill.