11 March 2021
We are looking for an experienced Application Security Engineer to be involved in the software security development and implementation.
- Degree in Computer Science, Computer Engineering or Information Security;
- At least 5 years of experience in in software development as IT Security Engineer;
- Good knowledge of local regulatory guidelines and notices related to Information Security, Cyber Risk, SDLC;
- Hands-on experience in application security toolset such as Fortify, Checkmarx, Webinspect;
- Ability to work independently within an Agile environment and multitask in a fast-paced environment;
- Proactive and self-motivated team player with a strong sense of responsibility and accountability.
- Certification in SANS GSSP – Java / Net or CSSLP.
- Responsible for assessing applications for design related security risk and determine remediation for issues identified;
- As a subject matter expert, provide guidance on existing and emerging threats in web application domain and specific development languages based on potential implementation risk;
- Assist in execution and review of vulnerability scans and penetration test;
- Set up application security testing framework such as SAST & DAST;
- Design and implement technical security solutions;
- Conduct training to educate engineers on security protection;
- Perform IT & security risk assessment;
- Conduct key control testing and drive implementation;
- Ensure compliance and alignment of IT infrastructure, with the local regulations and internal policies.