Hong Kong, Hong Kong, Hong Kong

Futu US Inc. is hiring a Security Engineer

About the Role

Role Overview

This position is responsible for embedding security into every stage of software development, from initial design to pre-release validation. You will ensure that security is a foundational element in product development by applying structured processes and technical expertise.

Key Responsibilities

  • Evaluate product security at each phase of development, including requirements gathering, architecture design, and testing prior to launch.
  • Create and enforce security standards that span the full software lifecycle, covering threat modeling, secure coding practices, code reviews, and penetration testing.
  • Build and maintain security controls within the development pipeline to ensure consistent enforcement of policies.
  • Monitor and manage identified vulnerabilities across development stages, generate risk assessments, and lead remediation efforts to resolution.

Required Qualifications

  • Hold a Bachelor’s degree or higher in Computer Science, Information Security, or a related discipline.
  • Demonstrate knowledge of blockchain technology and its security implications.
  • Possess a working understanding of Security Development Lifecycle (SDL) frameworks.
  • Have strong programming skills in languages such as C++ or Go, with experience in analyzing code for security flaws.
  • Provide actionable feedback to engineering teams for addressing issues detected through static and dynamic analysis tools.
  • Be proficient with DevSecOps tools including SAST, DAST, IAST, container security, and Software Composition Analysis (SCA).
  • Have hands-on experience with security scanners like Fortify, Checkmarx, Coverity, AppScan, Black Duck, and WebInspect.
  • Understand common attack vectors such as SQL Injection, XSS, and CSRF, and be skilled in using tools like OWASP ZAP, Burp Suite, and Wireshark for testing.
  • Show competence in analyzing vulnerabilities and guiding effective fixes.

Preferred Background

  • Practical involvement in threat modeling, code audits, or penetration testing engagements.
  • Prior internship or project experience applying SDL practices in a financial services environment.
Required Skills
C++GoSASTDASTIASTFortifyCheckmarxCoverityAppScanBlack DuckSecurity SDLThreat ModelingCode AuditingPenetration TestingVulnerability Remediation C++GoSASTDASTIASTFortifyCheckmarxCoverityAppScanBlack DuckSecurity SDLThreat ModelingCode AuditingPenetration TestingVulnerability Remediation
Got hired remotely?

Get paid like a professional

Remote clients expect company invoices, not personal PayPal requests. Glopay forms an EU partnership that makes you look legitimate while you stay independent.

Professional invoices with EU company details
Compliance handled automatically
Withdraw to any bank account
Income reports for easy tax filing
Create free account
Free signup • 5 min setup
About company
Futu US Inc.
Futu US Inc. stands at the forefront of financial services, housing two SEC registered broker-dealers alongside a cryptocurrency brokerage — all operating under the reputable wing of Futu Holdings Limited (Nasdaq: FUTU). Our core mission revolves around innovating the investing landscape through a digitized brokerage and wealth management platform.
All jobs at Futu US Inc. Visit website
Job Details
Department Information Technology
Category security
Posted 2 months ago