MyPage is a personalized page based on your interests.The page is customized to help you to find content that matters you the most.


I'm not curious

Application Security Engineer - DDA

Location Central, Singapore
Posted 17-January-2019
Description
Key Responsibilities:Assist APAC application teams with defining, rolling out and implementing DevSecOps to improve Group Application Security Level.Work with application teams to conduct application security assessment (VAPT, or pen-test) and compliance review on business applications.Explain and demonstrate application vulnerabilities and provide recommendations for mitigation, follow-up with application teams for vulnerability remediation.Organize training to application teams to improve the core security knowledge of secure coding principal and techniques.Lead the on-boarding and support of multiple security platforms: SAST, DAST and IAST.Assist with implementing and designing automated security checks within the CI/CDTake action to maintain compliance to security standards and policy, escalate non-compliance in a timely and effective mannerReport on key compliance and operational metrics of application security.
Basic Qualifications:
Degree/Diploma in Computer-related discipline, or equivalent work experience.3 ~ 5 years of hands-on experience as a software developer.2+ years of hands-on experience of VAPT, application security testing, security code analysis or reviewsKnowledge and understanding of security frameworks and methodologies for controls, compliance and auditing NIST, ISO27001, PCI-DSS, OWASP, SSDLCRelated industry certifications such as CEH, CISSP, CSSLP, GSSP-.NET, GSSP-Java, GWEB, GWAPT, OSCP, CREST is a plus.Preferred Skillset:Professional Application SecurityFamiliar with HTTP, JavaScript, Java, .NET, SOAP, WSDL, REST, SSL standards, PKI infrastructure, security models and common API client architecture.Familiar with industrial DevOps and security testing tools such as but not limited to Checkmarx, Sonar, VSTS, Jenkins and Kali LinuxKnowledge of common security protocols such as TLS, OAuth 2.0, SAML, Open ID Connect, LDAP, Radius etc. and crypto libraries such as Open SSL, JWT etc.Familiar with common web application vulnerabilities, OWASP TopHands-on experience with web application and network vulnerability scanningPersonalDemonstrated critical thinking, situational analysis and problem solving skills and mindset.Ability to independently conduct research into application security issue, standards, and products is requiredGood inter-personnel skill, highly self-motivated, autodidact and willing to do more.
Interested candidates, who wish to apply for the above position, please send us an updated copy of your resume with the Job Reference Code to [emailprotected]
Job Reference Code:
We regret to inform that only shortlisted candidates will be notified.

 
Awards & Accolades for MyTechLogy
Winner of
REDHERRING
Top 100 Asia
Finalist at SiTF Awards 2014 under the category Best Social & Community Product
Finalist at HR Vendor of the Year 2015 Awards under the category Best Learning Management System
Finalist at HR Vendor of the Year 2015 Awards under the category Best Talent Management Software
Hidden Image Url