Closing Date : 31/05/2024

Senior Specialist, IS & Cyber Security  

** For registered candidates, please login to apply

Job Responsibilities

As a Technical Security Manager
• Establish program to improve security posture in the organisation, security roadmaps and develop application security development best practices to ensure organization meets minimum security requirements for the mobile and financial services business.
• Review current system security measures, recommend and implement enhancements/improvements.
• Review security design of new application and infrastructure project including cloud computing initiative and participate in Architecture review board to review and input/advisory in security aspects of the application design.
• Lead/coordinate application security penetration testing/vulnerability assessment and conduct code reviews for security flaws for organization application.
• Define application security design standards for UM developed applications.
• Manage & implement new security initiatives/projects and controls, which encompass network, application, and endpoint security.
• Involve in security incident investigation and providing thorough post-event analyses.
• Address security gaps highlighted by Audit and conduct security gap analysis to strengthen the security posture and ensure security is infuse into all aspect of the Company.

Job Requirements
• Min 7 years working experience in IT Security solution implementation e.g. DLP, IPS, Web Application Firewall, SIEM, APT, EDR and familiar with static code security analysis and web application assessment tool.
• Degree in Information Technology/Computer Science or equivalent.
• Possessed IT Security certification e.g. CISSP or equivalent.
• Managed IT Security technologies such as IPS, Firewall, Web Application Firewall, DLP, SIEM, EDR.
• Hands-on Application Security Vulnerabilities (as listed in OWASP Top 10), Security Testing methodologies and related tools such as Fortify, WebInspect, BurpSuite.
• Flexible and adaptable – capable of changing direction where required and showing flexibility to meet new demands.
• Multi-tasking and project management skill to manage several concurrent projects and priorities demands.
• Hands-on experience with PCI DSS, ISMS and SOC is preferred.
• Passionate about protecting the Company IT Assets and keeping abreast with the latest Cybersecurity threat intel.