- Employment Type: Full Time Employment
Job Description / Responsibility
- Be part of the digital road map and responsible for ensuring security into the development/acquisition of applications/integration/FinTech initiatives. Work closely in technology projects to threat model, vulnerability scan, and pen test the software, system, and network architecture and identify required control points in the application stack. Also to diagnose, document, and remediate application and database security vulnerabilities.
- Secure code review and ensure Database security. Provides 360 risk assessments and cyber security briefings and advises of critical issues that may affect cyber security objectives. Identifies potential areas where existing information security policies and procedures require change, or where new ones need to be developed, especially regarding new applications and architectures. Conduct technical in-depth security analysis of systems to identify gaps and find remediation. Recommends, integrates and maintains security tool sets.
- Supports the development of the DRP and BCP for systems, and tests readiness. Evaluates and recommends cyber security products, services, and/or procedures to enhance productivity and effectiveness. Maintains awareness of cyber trends, threats, and vulnerabilities. Other tasks and responsibilities as assigned.
- BSc/MSc degree in Information Security, Cyber Security, Computer Science or related fields is required.
- Professional industry certifications and experience in Application Security and Database security is recommended. CPEH/CEH and GIAC, CSXP, CSSLP, LPT, OCP is expected. CISM/CISSP would be an advantage.
At least 4 year(s)
- Minimum 4 years of Working experience in Information Security as primary responsibility or minimum 6 years IT experience with Application as a primary responsibility and strong Application/Database security focus as a secondary job duty required.
- Knowledge and experience with application and Database vulnerability assessment and remediation. Some knowledge and developer experience with programming languages, such as C#, Java.
- Knowledge and experience with NIST, OWASP desired. Experience on implementing/managing security programs and controls. Knowledge of various security methodologies and processes, and technical security solutions. The candidate must be familiar with security principles and concepts.
- Drive innovation by analyzing and interpreting data to test and inform a new initiative or approach. Accountable for successful completion of multiple, individual projects simultaneously. Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.
- Manage change and demonstrate adaptability by embracing change and adjusting priorities or processes and approach as needs dictate. Take responsibility for successes and failures related to individual and team-based project work assignments; actively presents suggestions for solution(s), if objectives not met.
jagojobs.com Online Job Posting