- Develop and maintain the client’s IT Security Management Plan, focusing on Applications Systems
- Harmonise obsolescence management efforts across Applications Systems
- Perform risk assessment for potential security vulnerabilities from identified activity and obsolete systems for Applications Systems
- Conduct regular penetration testing and Static Application Security Tests
- Assess and recommend mitigating measures to address potential security vulnerabilities
- Schedule security scans for identified systems according to policies, and verify that all vulnerability rectifications are satisfactorily performed
- Conduct Security Review on System Access and administration patterns weekly, and report unusual or suspicious activities, if any, to Governance Management (SMO)
- Track, mitigate and deploy patches for security vulnerabilities according to the stipulated timeline
- Maintain oversight and submit reports on a monthly basis
- Escalate and/or seek Authority’s acceptance and approval of assessed risks
- Conduct IT Security Management briefings and workshops
- Diploma / Degree in Computer Sciences, Engineering or any Sciences discipline
- Certified Ethical Hacker (CEH) Certification
- Certified Information Systems Security Professional (CISSP)
- Hands-on experience with Splunk, Tenable, BeyondTrust, HP Fortify Static Code Analyzer, FireEye and OWASP Tools projects is highly preferred