Exciting opportunity for a passionate security practitioners to play an important role in the Information Technology (IT)Â team as an Application Security Specialist.Â
- Bachelor DegreeÂ in Computer Science or Information Technology;
- Has at least 3 years of work experience in the area of application security assessment;
- Know-how with SOAP, WSDL, REST, SSL standards, security models and common API client architecture;
- Able to identify common web application vulnerabilities and use the right technique to mitigate vulnerabilities;
- Knowledgeable and able to apply cyber security principles;
- Knowledgeable with Identity & Access Management (IAM) solutions;
- Team player and possessÂ excellent communication skills.
- Experience in Real Time Messaging Protocols like Message Queen Telemetry Transport (MQTT),Â Data Distribution Service (DDS);
- Knowledge ofÂ Static Application Security Testing (SAST) or Dynamic Application Security Testing (DAST)Â tools, e.g. Appscanner, Fortify, Veracode, Appscan, Burp suite, Qualys, Webinspect;
- Certified in Risk & Information Systems Control (CRISC);
- Global Information Assurance Certification (GIAC).
- WorkÂ with the application team to define the security controls and measurements in the Software Development Life Cycle (SDLC);
- Identify gaps in security and improve security protocols and procedures in application development processes;
- â€‹Responsible to conduct and develop secure code reviewsÂ to resolve vulnerabilities;
- Able to take up leading role when definingÂ threat models and respective mitigation;
- Able to recommendÂ the strategicÂ threat techniqueÂ at the appropriateÂ SDLC phase;
- Adhere to security requirements in every phase of SDLC;
- Assist business users, developers and vendorsÂ in adopting these security services;
- ParticipateÂ in Governance, Risk management, Compliance (GRC) related activities.