You will play important role in the design and development of secure and reliable healthcare application for the transformation of Singapore Healthcare IT landscape. You will be responsible for planning our application security roadmap, design and development of application security best practice and common libraries, and delivery of application security services to our application development teams.
Role and Responsibilities:
· Manage and lead team to conduct source-code review using automated and manual approaches, review results to eliminate false positives, propose resolutions for security vulnerabilities.
· Performing security architecture reviews and risk assessments for applications in design phase.
· Developing and maintaining software application security policies and procedures.
· Providing technical leadership, guidance, and direction to the application security team.
· Identifying potential threats and attacks to applications systems through threat modelling.
· Identifying security recommendations and aligning them to appropriate risk ranking systems
· Assist in the security auditing of application systems.
Requirements:
· Degree in Computer Science, Computer Engineering or equivalent
Hands-on programming experience (eg .NET) as required.
· Hands-on coding experience for designing and implementing secure applications to prevent and address the application vulnerabilities.
· Familiar with DevSecOps, and popular security tools like Checkmarx, Fortify, Nexus, SonarQube
· Good knowledge of web application security concepts such as OWASP Top 10 , MITRE CWE, MITRE ATT&CK framework, D3FEND matrix and Threat Modelling Methodologies such as STRIDE
· Good knowledge and experience in AWS cloud infrastructure, cloud native service design and development, especially the security best practice and implementation details to ensure design and implementation of cloud native application is secure and robust
· Technical team management skill and experience may be required for senior manager role
