Engineering Security Applications
● Support asset development and process establishment.
● Conducting application security assessments (web, mobile, web service, Infra etc.). These assessments involve manual testing and analysis as well as the use of automated application vulnerability scanning/testing tools such as Burp Suite Professional and/or code review tools such as IBM AppScan/HP Fortify or CMx. We expect the candidate to have experience doing similar assessments; the candidate can be trained on any proprietary assessment methodology.
● Reporting/Dashboarding/Retesting and participation in conference calls with clients to review assessment results and consult with the clients on remediation options.
● Participating in/driving conference calls with potential clients to scope out newly requested security projects and estimate the effort and resource requirements to complete the project etc.
● 8-10 years of strong Application Security experience in S-SDLC Threat Modeling, Code Review, Vulnerability Assessment, Penetration Testing, Web Service/API security testing, Firmware Assessment, Architecture review.
● Good English communication.
● Expert in Application Security process establishment.
● Thorough exposure to DevSecOps implementation/integration.
● Deep hands-on experience in Mobile Application Security (Android/iOS): reverse engineering, memory analysis etc.
● Security tool experience: IBM AppScan/CMx/Fortify/Nessus/Metasploit, Web Proxy.
● Good exposure to penetration testing. Good to have one of the given certifications: OSCP/GPEN/GWAPT/CSSLP etc.
● Independent global client handling AppSec delivery exposure, >=2 years.
● Team management skills.
● Thorough exposure to AppSec technical solutioning, estimation and RFP/RFI response, Client presentation.
● Excellent interpersonal skills.