Description

We are looking for a qualified Security Assessments Services Personnel for Information Security Organisation to implement and maintain our security systems.

Job Descriptions :

• Identifying and measuring the security risk to the Bank's information assets and information processing facilities.
• Designing and managing a comprehensive testing program embedded into the Systems/Software Development Life Cycle (SDLC) that evaluates security vulnerabilities during code development and in primary dependent systems.
• Managing and implementing penetration testing to evaluate the security controls and vulnerabilities in the system.
• Evaluating and creating report regarding SDLC output (Penetration Testing and Vulnerability Assessment)
• Managing and coordinating the activities of 3rd parties who are providing security capabilities.
• Performing 3rd party information risk assessments as necessary.
• Creating risk log from risk assessment result for risk register

Requirements

• Minimum 5 years experience in security assessment & reviews in global financial organizations
• Strong working knowledge of penetration testing, vulnerability assessment, and source code review
• Experience with secure SDLC
• Experience with Vendor Assessment
• Expert knowledge of IT security technology (e.g., firewall, IPS, key management, antivirus, patch management, end point protection)
• Strong working knowledge of industry frameworks (e.g., ISO 27002, NIST Cyber Security Framework, OWASP)
• Preferable CSX Fundamentals, COBIT 5, ITIL Fundamental, ISO 27001 LA/LI, ISO 9000 Quality Management System, TOGAF 9.1, Systems Security Certified Practitioner (SSCP), Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH)
• Ability to interact with senior executives
• Excellent written / verbal communication skills

• minimum S1 with relevant background