Application Security Engineer
1 week ago
We’re on a mission to make financial services accessible and effortless for SMEs. As one of Singapore’s latest digital wholesale banks fully regul..
We’re on a mission to make financial services accessible and effortless for SMEs. As one of Singapore’s latest digital wholesale banks fully regulated by MAS, we’re committed to continuous innovation to bring about simpler, safer and more rewarding financial services. #bringingaboutwhatsnext
We are looking for a passionate application security professional to be part of ANEXT Bank’s Cyber Security team, to protect our applications and infrastructure from the ever-evolving threats.
Qualified candidates are expected to:
- Perform application and infrastructure vulnerability assessments, source code reviews, and internal penetration tests on web and mobile applications to identify vulnerabilities and security risks
- Own and continuously enhance the bank’s application and infrastructure vulnerability management process, including end-to-end identification, tracking and remediation work
- Work with external pentest team to perform independent penetration tests on web and mobile applications, triage the security findings and manage the remediations required
- Participate in the system design and architecture security reviews of business projects to ensure security is incorporated into the early stages of the project development lifecycle
- Work with our dev and devops team to ensure security is integrated into the SDLC, provide expertise in advising dev team on the mitigation of identified vulnerabilities and application security risks
- Continuously enhance/improve the integration of security controls into CI/CD pipelines
- Conduct training to dev team on secure coding best practices and vulnerability remediation
- Ensure applications are designed and implemented following standard security principles such as layered defence, least privilege, etc
- Respond to and investigate security incidents related to application security
- Manage the bank’s application security systems
- Maintain and enhance application security policies, standards and operational procedures
Requirements:
- BS/MS in Computer Science / Computer Engineering / Cybersecurity with at least 5-year experience in cyber security and at least 2-year experience in penetration test/red teaming and vulnerability management
- Experience in conducting application and infrastructure security assessments
- Experience with application security and vulnerability assessment tools (e.g. Burp Suite, Kali Linux, Fortify, Nessus, NMAP)
- Strong analytical and communication skills in real time problem-solving
- Fast learner and keeps abreast with relevant vulnerability management and penetration test technology
- Relevant certifications such as OSCP and CISSP will be an added advantage
Official account of Jobstore.