About the Opportunity

Job Type: Permanent

Application Deadline: 30 September 2026

Title Senior Analyst - Application Security

Department Global Cyber & Information Security (GCIS)

Location Dalian, China

Reports To Dalian Application Security Manager

Level Grade-3

Were proud to have been helping our clients build better financial futures for over 50 years. How have we achieved this? By working together - and supporting each other - all over the world. So, join our team and feel like youre part of something bigger.

About your team

You will be joining a highly skilled Global Application Security team. Our primary mission is to protect the company is financial applications and data by finding security vulnerabilities before hackers do, and working closely with software developers to build secure applications from the ground up.

About your role

As an Application Security Specialist, you will act as a critical bridge between our Application Security team in Dalian and our software engineering teams based in Canada. Your main goal is to ensure that the applications built for our Canada business are secure by design.

You will spend your time actively hacking our own applications to find weaknesses, particularly in web applications and APIs. Equally important, you will help automate our security checks to configure DevSecOps tools that scan source code or runtime for vulnerabilities every time a developer updates an application (DevSecOps). You will work directly with the developers, advising them on how to fix the code effectively.

Because building relationships with the Canada technical teams is crucial for this role, you will be required to align part of your working hours with the North American time zone. This means you will work the local "Canada shift" (evening/night local Dalian time) approximately 2 days per week for critical meetings and real-time collaboration.

About you

• Fluent English Communication: Exceptional spoken and written English skills are mandatory. You must be comfortable hosting video calls, presenting security findings, and offering technical advice to native English speaking teams in Canada and local Dalian teams.
• Hands-on Penetration Testing Experience: Proven experience in ethical hacking, specifically targeting Web Applications and APIs. You should have a deep understanding of how to find and exploit common vulnerabilities (such as the OWASP Top 10).
• DevSecOps & Automation Skills: Experience with integrating automated security scanning tools (SAST/SCA/DAST) into software development pipelines (CI/CD).
• Developer-Friendly Mindset: A strong ability to understand software architecture and provide clear, practical remediation advice to developers. You enjoy solving problems collaboratively rather than just pointing out errors.

Feel rewarded

For starters, well offer you a comprehensive benefits package. Well value your wellbeing and support your development. And well be as flexible as we can about where and when you work finding a balance that works for all of us. Its all part of our commitment to making you feel motivated by the work you do and happy to be part of our team. For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.

For more about our work, our approach to dynamic working and how you could build your future here, visit careers.fidelityinternational.com.

Location: Dalian Office

Time Type: Full time