Duties & Responsibilities

•Establish application security roadmaps and develop application security development best practices to ensure organization application meets minimum security requirements for the mobile and financial services business
•Reviewing current system security measures and recommending and implementing enhancements
•Review security design of new application and infrastructure project including cloud computing initiative and member of the architecture review board to review security aspects of the application design
•Lead/coordinate application security penetration testing/vulnerability assessment and conduct code reviews for security flaws for organization application
•Define application security design standards for UM developed applications
•Manage & implement new security initiatives and controls, which encompass network, application and endpoint security
•Involve in security incident investigation and providing thorough post-event analyses

Job Requirements
•Min 7 years working experience in IT Security solution implementation e.g. DLP, IPS, Web Application Firewall, SIEM, APT, EDR and familiar with static code security analysis and web application assessment tool
•Degree in Information Technology/Computer Science or equivalent
•Possessed IT Security certification e.g. CISSP or equivalent
•Expose to IT Security technologies such as IPS, Firewall, Web Application Firewall, DLP, SIEM, EDR
•Hands-on Application Security Vulnerabilities (as listed in OWASP Top 10), Security Testing methodologies and related tools such as Fortify, WebInspect, BurpSuite
•Flexible and adaptable – capable of changing direction where required and showing flexibility to meet new demands
•Multi-tasking – can manage several concurrent projects and priorities demands

Back