Job Highlights
- Job Stability. AWS + Variable Bonus + Flexible Staff Benefits
- Flexible Working Arrangements, Hybrid
- Positive working and learning culture
Job Description
We are seeking an experienced IT Analyst Specialist with a focus on Application Security to join our team. The ideal candidate will have a strong technical background and a passion for security.
The successful candidate will join the Team that is responsible in establishing and governing the software development and application support processes, ensuring compliant to the established policies and guidelines. The team must also consider areas of improvement in the IT Delivery Team.
JOB SCOPE
The successful candidate will have the opportunities to work on the follow function(s).
Primary Function:
(A) Responsible for Application Security, not limited to the following
· Conduct application security assessments to identify vulnerabilities and ensure that applications are secure
· Work with development teams to ensure that security requirements are incorporated into the development process
· Develop and enforce secure coding practices
· Develop and maintain security policies and procedures
· Work with infrastructure teams to ensure that security is integrated into the infrastructure design
· Develop and maintain security monitoring tools and systems
· Conduct penetration testing and vulnerability assessments with vendors
· Stay up-to-date with emerging trends and technologies in application security
Secondary Function:
The Team is also handling the following function and the successful candidate may be assign to assist these functions.
(B) Identify IT Delivery improvement opportunities and support request from other teams or departments who has identified process improvement opportunities.
(C) Support Audits
· This includes external compliance audit for area responsible by the IT Dept.; i.e. ISO22301, Finance Audit, ISO27001, etc.
(D) Internal System Support
· Support in the development, support and maintenance of the internal developed back office application solutions and governance enforcements system/tools. e.g. billing system, customer registration system, etc.
· Support back office system improvement initiatives.
TECHNICAL REQUIREMENTS:
§ Tertiary education with working experience/knowledge in the following area:
· Understanding of the SDLC and agile process
· Strong knowledge of web application security concepts such as OWASP Top 10, SAN25
· Knowledge with security assessment tools such as Burp Suite, Qualys, Nessus, etc.
· Knowledge of programming languages such as Java, C#, Python, or Ruby
· Knowledge of scripting languages such as Perl, Python, or Bash
· Excellent communication and collaboration skills
· Knowledge in Cloud technologies
· Knowledge with containerization tools and orchestration (Docker, Kubernetes, Helm)
OTHER REQUIREMENTS
§ Should have the following soft skills attributes
· Strong analytical and problem-solving skills
· Organised and able to handle multiple projects concurrently
· Collaboration with users, product owners and development teams to deliver solutions.
· Self-motivated to pick up skills required to support the project requirement.
· Must have good command of English written, verbal and presentation skills
· Proactive, out of the box thinker, detail oriented with strong organizational, analytical and problem-solving skills.
· Self-starter, both a team player yet able to work independently and adjust to changing priorities, critical and strategic thinker, negotiator and consensus builder.
· Software engineer who has interest in Application Security can also apply.
