Exciting opportunity for a passionate security practitioners to play an important role in the Information Technology (IT)  team as an Application Security Specialist. 

Mandatory Skill(s)

  • Bachelor Degree in Computer Science or Information Technology;
  • Has at least 3 years of work experience in the area of application security assessment;
  • Know-how with SOAP, WSDL, REST, SSL standards, security models and common API client architecture;
  • Able to identify common web application vulnerabilities and use the right technique to mitigate vulnerabilities;
  • Knowledgeable and able to apply cyber security principles;
  • Knowledgeable with Identity & Access Management (IAM) solutions;
  • Team player and possess excellent communication skills.

Desirable Skill(s)

  • Experience in Real Time Messaging Protocols like Message Queen Telemetry Transport (MQTT), Data Distribution Service (DDS);
  • Knowledge of Static Application Security Testing (SAST) or Dynamic Application Security Testing (DAST) tools, e.g. Appscanner, Fortify, Veracode, Appscan, Burp suite, Qualys, Webinspect;
  • Certified in Risk & Information Systems Control (CRISC);
  • Global Information Assurance Certification (GIAC).

Responsibilities

  • Work with the application team to define the security controls and measurements in the Software Development Life Cycle (SDLC);
  • Identify gaps in security and improve security protocols and procedures in application development processes;
  • ​Responsible to conduct and develop secure code reviews to resolve vulnerabilities;
  • Able to take up leading role when defining threat models and respective mitigation;
  • Able to recommend the strategic threat technique at the appropriate SDLC phase;
  • Adhere to security requirements in every phase of SDLC;
  • Assist business users, developers and vendors in adopting these security services;
  • Participate in Governance, Risk management, Compliance (GRC) related activities.
Apply to this Job