Fidelity International

Senior Analyst - Application Security

Fidelity International · Dalian, Liaoning, China

Financial Services · 5,001-10,000 employees

8 h ago
Senior (5-10 yrs) Full-time China
Log in to apply, save this posting, or score it against your profile with AI.

About the role

The role involves identifying security vulnerabilities in web applications and APIs through penetration testing to protect financial data. Additionally, the analyst will integrate automated security scanning tools into CI/CD pipelines and collaborate with developers to remediate code weaknesses.

What they look for

Penetration Testing Web Application Security API Security OWASP Top 10 DevSecOps SAST SCA DAST CI/CD English Communication Software Architecture Ethical Hacking

Requirements

Candidates must have proven experience in ethical hacking, specifically with the OWASP Top 10, and expertise in DevSecOps automation tools. Exceptional spoken and written English is mandatory for collaborating with technical teams in Canada.

Benefits

Comprehensive Benefits Package Wellbeing Support Development Support Flexible Working

Full description

About the Opportunity

Job Type: Permanent

Application Deadline: 31 October 2026

Job Description

Title Senior Analyst - Application Security

Department Global Cyber & Information Security (GCIS)

Location Dalian, China

Reports To Dalian Application Security Manager

Level Grade-3

We’re proud to have been helping our clients build better financial futures for over 50 years. How have we achieved this? By working together - and supporting each other - all over the world. So, join our team and feel like you’re part of something bigger.

About your team

You will be joining a highly skilled Global Application Security team. Our primary mission is to protect the company is financial applications and data by finding security vulnerabilities before hackers do, and working closely with software developers to build secure applications from the ground up.

About your role

As an Application Security Specialist, you will act as a critical bridge between our Application Security team in Dalian and our software engineering teams based in Canada. Your main goal is to ensure that the applications built for our Canada business are secure by design.

You will spend your time actively “hacking” our own applications to find weaknesses, particularly in web applications and APIs. Equally important, you will help automate our security checks to configure DevSecOps tools that scan source code or runtime for vulnerabilities every time a developer updates an application (DevSecOps). You will work directly with the developers, advising them on how to fix the code effectively.

Because building relationships with the Canada technical teams is crucial for this role, you will be required to align part of your working hours with the North American time zone. This means you will work the local "Canada shift" (evening/night local Dalian time) approximately 2 days per week for critical meetings and real-time collaboration.

About you

  • Fluent English Communication: Exceptional spoken and written English skills are mandatory. You must be comfortable hosting video calls, presenting security findings, and offering technical advice to native English speaking teams in Canada and local Dalian teams.
  • Hands-on Penetration Testing Experience: Proven experience in ethical hacking, specifically targeting Web Applications and APIs. You should have a deep understanding of how to find and exploit common vulnerabilities (such as the OWASP Top 10).
  • DevSecOps & Automation Skills: Experience with integrating automated security scanning tools (SAST/SCA/DAST) into software development pipelines (CI/CD).
  • Developer-Friendly Mindset: A strong ability to understand software architecture and provide clear, practical remediation advice to developers. You enjoy solving problems collaboratively rather than just pointing out errors.

Feel rewarded

For starters, we’ll offer you a comprehensive benefits package. We’ll value your wellbeing and support your development. And we’ll be as flexible as we can about where and when you work – finding a balance that works for all of us. It’s all part of our commitment to making you feel motivated by the work you do and happy to be part of our team. For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.

For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.