ITCISO05 - Application Security Management
We are looking for Application Security Management for Information Security Organisation, who enjoys security work and possesses both deep and wide expertise in the security space. You will make things more secure by protecting system boundaries, keeping computer systems and network devices hardened against attacks and securing highly sensitive data.
Job Descriptions :
- Designing and managing secure SDLC process for applications and related systems in the bank to align with Security Baseline.
- Performing Application Security Testing/Source Code Review as the phase of Secure SDLC.
- Developing, implementing, and reporting on the application security testing process.
- Minimum 7 years experience in application security operations and development
- Experience on Application Developer
- Experience working in a secure SDLC environment
- Experience with DeOvps activities and integration
- Experience with Application Security Testing/Source Code Review
- Experience with Penetration Testing/ Security Assessment/ Vulnerability Assessment
- Have knowledge of IT Security Tools (e.g., firewall / IPS / key management / antivirus / patch management / end point protection)
- Knowledge of industry frameworks (e.g., ISO 27002, NIST Cyber Security Framework, OWASP) is an advantage
- Preferable CSX Fundamentals, COBIT 5, ITIL Fundamental, ISO 27001 LA/LI, ISO 9000 Quality Management System, TOGAF 9.1, Systems Security Certified Practitioner (SSCP), Certified Information Systems Auditor (CISA)
- Strong written and verbal communication skill
- Minimum S1 with relevant background