Job Description: • Responsible for conducting application security testing • Subject matter expert for application team in terms of application security • Responsible for performing dynamic and static application security testing focusing on vulnerabilities assessments, static analysis and penetration testing using automated and manual tools. • Produce clear but detailed test reports which shows conclusions of testing • Review test results and analyse data to understand software risk and areas of concern • Prepares, maintains and execute technical security plans • Explain and demonstrate application vulnerabilities and provide recommendations for mitigation • Communicate and provide advisory on security vulnerabilities with project team and stake holders • Work with DevOps to automate application security tests into DevSecOps and Continuous Integration process • Work with application development team to review codes, improve and educate team on secure coding • Share security related information and expertise within the project team through on the job coaching, pairing, formal/informal classroom training or sharing • Conduct internal and external security and compliance review on information assets • Monitor regulatory requirement & technology advances to identify relevant trends & threats Job Requirements • Degree or Diploma in Computer Science, Information Technology, Digital Media or related disciplines • Possess professional certification such as CISSP, OSCP, CREST, CEH, CPTC, SAN, ISTQB CFTL or other relevant certification will be an added advantage. • Minimum 2 years’ experience in secure code review in at least one of the following programing language/environment such as Ruby, Java, .Net, and/or Node.JS. • Minimum 3 years’ experience in penetration testing on web application. • Familiar with HTTP, SOAP, WSDL, REST, SSL standards, security models and common API client architecture • Familiar with common web application vulnerabilities and technical knowledge to address and mitigate vulnerabilities • Familiar with industrial security testing tools such as but not limited to Checkmarx, WebInspect, Fortify Suite, Burp Suite, Nessus, Kali Linux • Experienced in secure scrum, agile testing environment will be an added advantage • Good communication and interpersonal skills • Good analytical and writing skills • Good team player and meticulous"
Locations Singapore Nationality Singapore : (Candidates authorized to work in the above mention countries are also eligible to apply) Experience 6 - 8 years Keywords / Skills Application Security, Penetration Testing, Source code review, HTTP, SOAP, WSDL, REST, SSL, Java, .Net Function IT Role Project Management,Testing,Quality Assurance Industry IT/Computers - Software Summary Minimum 2 yearsâ experience in secure code review in at least one of the following programing language/environment such as Ruby, Java, .Net, and/or Node.JS. Posted On 27th Aug 2019