Sign in or register for a JobTech account.

Jobs that require application security design skill

99.co
13Dec
Backend Engineer - Site Reliability
99.co   via JobTech

99.co is looking for a Backend Engineer with a focus in Site Reliability to join our diverse team of people who are passionate about taking the real estate industry properly into the age of technology through innovation and a desire to solve its multitude of challenges.

This will involve a healthy mix of system and software engineering skills to ensure 99.co is performant and available as it scales to the greater region of South Asia and beyond.

What you'll do:

  • Writing application APIs, maintain and improve the infrastructure that keeps 99.co running beautifully.
  • Build and optimise internal tools to improve team productivity.
  • Participate in change control, release planning, and other operational planning
  • Remain current on industry leading solutions in both private and public cloud hosting (Amazon Web Services (AWS), Google App Engine, etc.)
  • Partner closely with the respective product and support teams on production issues and issue resolutions.
  • Keeping a constant eye on improving automation, scale, reliability, security, and visibility of overall production health.

What you are/have/will be:

  • BS or MS in Computer Science or a related technical discipline preferred but not required. Equivalent practical experience is a reasonable substitute.
  • Self motivated and a deep feeling of ownership.
  • 'Uptime'. Now that's something that makes you smile
  • You can't stand sloppy APIs, and you know when you should return 401 vs 403 vs 418
  • You agree that code is for humans to read and only incidentally for computers to execute
  • You have no problem setting up and configuring a Linux/UNIX server from scratch
  • Able to conceive, convince, implement and maintain reasonable database schemas for our data
  • Proficient in some of the programming languages: C++/Java, Javascript, Python or Go.
  • Experience in the Linux environment and a good understanding of its fundamentals and internals: filesystems and modern memory management, threads and processes, the user/kernel-space divide, etc.
  • A good understanding of large-scale distributed systems in practice, including multi-tier architectures, application security, monitoring and storage systems.
  • Working knowledge of the TCP/IP stack, internet routing and load balancing.
  • :() { : | : }; : makes you giggle
  • You RTFM and will paste an html peace character somewhere in your application.

Skills
Xtremax Pte Ltd
18Jan
Application Security Consultant
Xtremax Pte Ltd   via JobsCentral



We are looking for experienced security professionals who can help our clients achieve a secured environment for their applications and web information. You must have strong experience in performing penetration testing and vulnerability management services for applications, network systems, operating systems and database. Candidates should have experience with black box, grey box, and white box testing. Selected candidates will work on a whole-of-government platform that hosts close to    Read more

500 web applications.

Responsibilities

Conduct security assessments such as penetration and vulnerability tests

Generate security reports

Evaluate and develop security solutions

Proactively assesses potential items of risk and opportunities of vulnerabilities in the network

Installation, configuration, monitoring and response to security system

Keep updated on knowledge of the IT security industry: including awareness of new or revised security solutions, security standards, trends / best practices, offensive techniques and tools

Collaborate and work well together in the IT Security team

Requirements

Good knowledge in web application and/or network infrastructure security

Experience in addressing web application security issues, such as those outlined in OWASP Top 10

Have good communication and report writing skills

Bachelor’s degree in IT-related field of computer science, computer engineering, information security, or equivalent

Certifications such as OSCP, CREST CCT or CRT are highly desirable and preferred

Skills
The Advertiser
18Jan
Research Engineer
The Advertiser   via JobsCentral



Roles & Responsibilities

COMPANY DESCRIPTIONSECURING THE SOFTWARE THAT POWERS YOUR WORLD IS A BIG JOB. We''re focused on that mission every day. Application security isn''t part of our business, it''s our only business. And it''s the driving force behind everything we do. At Veracode, we inspire a culture of innovation and infuse creativity into all our initiatives.

Veracode is the leader in the application security space, with the most    Read more

comprehensive offering available. We take our mission to secure the software that powers your world seriously. Our award-winning, industry-leading products dominate the AppSec market!

RESPONSIBILITIES

As a research engineer you will work closely with the Veracode engineering team to research and maintain our vulnerability database. You will also help identify new vulnerability data sources and implement processes to improve the quality of our data. As part of this team you will get the opportunity to work on improving the state of security in open-source code. We provide a great engineering culture and give lot of autonomy to individuals to work on interesting problems relevant to our business that can have big impact.Responsibilities:

Review incoming commits, emails, and bug reports to look for vulnerabilities in open source libraries

Triage the newest vulnerabilities released

Track library release notes and associated security bulletins Publish high quality vulnerability advisories with exploit information, details about risk, and mitigation/workaround details

Develop tools and techniques to identify new vulnerabilities and analyze vulnerable methods

Perform risk assessments on vulnerabilities identified, then describe the risk posed to customers

Use in-house tooling and/or custom tooling to do low probability, high payoff moonshot style research into the most popular libraries

Other activities relating to security research around library vulnerabilities

Requirements

Required Skills:

BS/MS in Computer Science or related field, or relevant industry experience is required

0-2 years’ experience in vulnerability analysis

Working knowledge of programming languages such as Java, Python, JavaScript, Ruby, Go, or C/C++

Knowledge of package management systems such as Maven, RubyGems or npm

Knowledge of software security vulnerability types and common attack methods

A strong ownership attitude and a track record of taking responsibility for problems, deadlines, and SLAs

Strong problem solving and communication skills

Strong written (English) and verbal communication skills necessary for writing up vulnerability publications

Desired Skills:

Familiarity working in an environment that heavily utilizes cloud services and cloud-based infrastructure

Experience working as a security researcher,

Enjoys working on low probability but huge payoff research problems

Familiarity working in an environment with strict security requirements

Skills
The Advertiser
18Jan
Software Engineer
The Advertiser   via JobsCentral



Roles & Responsibilities

COMPANY DESCRIPTIONSECURING THE SOFTWARE THAT POWERS YOUR WORLD IS A BIG JOB. We''re focused on that mission every day. Application security isn''t part of our business, it''s our only business. And it''s the driving force behind everything we do. At Veracode, we inspire a culture of innovation and infuse creativity into all our initiatives.

Veracode is the leader in the application security space, with the most    Read more

comprehensive offering available. We take our mission to secure the software that powers your world seriously. Our award-winning, industry-leading products dominate the AppSec market!

RESPONSIBILITIES

As a software engineer you will work closely with the Veracode engineering team in Singapore to design and develop software composition analysis engines. You will also help add support for new programming languages, package managers and build systems. As part of this team you will get the opportunity to work on improving the state of security in open-source code. We provide a great engineering culture and give lot of autonomy to individuals to work on interesting problems relevant to our business that can have big impact.

Responsibilities:

Work collaboratively within to write high quality and testable code.

Responsible for assigned integration, testing, and deployment tasks.

Write and maintain documentation to describe program development, logic, coding, testing, changes, and corrections.

Work with members of the team to drive engineering best practices around testing, CI/CD, architecture and automation.

Actively communicate and collaborate within the team and across functional boundaries.

Requirements

Required Skills:

BS/MS/PhD in Computer Science or related field, or relevant industry experience is required

2 years’ experience in software engineering

Coding experience in Java

Experience with popular open source software such as Postgres, RabbitMQ, Elasticsearch, Redis and Couchbase

Experience with development frameworks such as the Spring framework and React.

Knowledge of containers and container orchestration platforms

Desired Skills:

Experience building command line tools

Experience with CI/CD workflow

Experience working with modern package managers (npm, bundler, pip etc.) and build systems (Gradle, Make etc.)

Skills
Network for Electronic Transfers (Singapore) Pte Ltd
18Jan
Cyber Threat Analyst
Network for Electronic Transfers (Singapore) Pte Ltd   via JobsCentral



Roles & Responsibilities

Cyber Threat Analysts uses data collected from a variety of cyber defence tools such as intrusion detection system alerts, firewall and network traffic logs, and host system logs to analyse events that occur within the Company’s environment.They perform 24x7 monitoring on both internal and external sources to maintain current threat condition and determine which security issues may have an impact on the organisation, and provide accurate    Read more

evaluation of the incident for escalation.

Reporting to the Information Security Manager, the incumbent will be responsible for:

Round-the-clock surveillance of the Company’s information assets using various cyber defense tools to monitor internal and external sources

Identify applications and operating systems of a network device based on network traffic

Provide timely detection, identification and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguish these incidents and events from benign activities

Use cyber defense tools for continuous monitoring and analysis of system activity to identify malicious activity

Requirements

Qualification

Diploma or Degree in IT or Engineering discipline with at least 2 years relevant experience in the information security domain

Related IT Security certification preferred

Knowledge and Skills

Knowledge of common network tools (e.g., ping, traceroute, nslookup)

Knowledge of cyber defence policies, procedures, and regulations

Knowledge of different types of network communication (e.g., Local Area Network, Wide Area Network, Metropolitan Area Network, Wireless Wide Area Network, Wireless local Area Network

Knowledge of SIEM and IDS tools and applications

Knowledge of front-end collection systems, including network traffic collection, filtering and selection

Knowledge of cyber defence and vulnerability assessment tools, including open source tools, and their capabilities

Knowledge of incident response and handling methodologies

Knowledge of general attack stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)

Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, procedural and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code) Language/Structured Query Language (PL/SQL)

Skills
SYSTEMS ON SILICON MANUFACTURING COMPANY (SSMC)
18Jan
It Engineer (.Net) - 2 Years Contract
SYSTEMS ON SILICON MANUFACTURING COMPANY (SSMC)   via JobsCentral



Responsibilities:

Support and development of Business Intelligence (BI) project.

Support business and IT strategies in analyze BI requirements. Design and develop new BI reports, and enhance existing BI reports.

Plan, coordinate and collaborate with Business Users and IT teams in supporting unit, integration and user testing.

Plan and organize production release.

Manage BI application security and administration activities.

Requirements:

Bachelor degree or post graduate in Computer Science or Information Technology or equivalent.

At least 4    Read more

years of working experience in BI consultation and support environment.

Experience in Oracle PL/SQL development and SQL tuning.

Support and development using .NET Framework, ASP.NET, C#.NET, VB.NET, Javascripts and HTML.

Familiar with Linux scripting languages.

Good understanding and working experience in DW architecture and data modeling.

Working exposure in semiconductor project would be an advantage.

A highly motivated, resourceful and good team player.

Knowledge in Promis would be an advantage.

Analytical skills with the ability to assimilate information quickly, and communicate complex requirements and issues clearly and concisely.

Able to work on projects with stringent timelines.

Skills
The Advertiser
17Jan
Application Security Officer (Ref 22831)
The Advertiser   via JobsCentral



Roles & Responsibilities

Responsibilities:

- Develop the technical application security program to guide the secure development of technology platforms

- Analyze business and operations initiatives to identify the business and application security risks, review the specified requirements and assess the control implementations to ensure information security risks are managed

- Design and deliver innovative security solutions and initiatives and manage and support security technology platforms

- Review vulnerability assessments and    Read more

penetration testing to assess the residual risks and mitigation plans

- Assess and advise Technology Solution Delivery and Operations teams on management and mitigation of security exceptions and deviations

- Establish an application security awareness program to inculcate a secure development culture to minimize defects and improve time to market

Requirements

Requirements

- 8 to 10 years of technology work experience with a minimum of 6 years in Information Security

- Security certification in CISSP, CISM or CISA is a must; certification in architecture is a plus

- In-depth knowledge and experience in information security risk assessment and management

- Experience in the development and implementation of application and solutions

- Experience in MAS technology related guidelines such as Technology Risk Management Guidelines, Outsourcing guidelines etc.

- Experience in working and liaising with auditors to review and assess the control framework

- Good understanding of key security technology such as identity access management solution, two factor authentication, enterprise certificate authority etc.

- Passion to deliver sustainable security solutions and continued improvement in control and risk mitigation

- Demonstrate ability to balance business and security requirements and manage tactical vs. strategic on-going initiatives

- Demonstrate ability to operate in diverse environments and cultures and enjoys working in challenging and fast-paced environment

- Discipline in timely submission and reporting key metrics and status

- Strong communication and presentation skills to wide and diverse audiences

License No.: 12C6060

Skills
Ernst & Young Advisory Pte. Ltd.
17Jan
Risk Transformation Manager, Advisory, Singapore
Ernst & Young Advisory Pte. Ltd.   via JobsCentral



Roles & Responsibilities

We enhance performance through creating risk-enabled organizations. We help clients identify important risks, design frameworks to manage them and improve the effectiveness and efficiency of risk management. As a risk transformation professional, you will be addressing client issues such as business performance variability, business and process controls transformation; application security integrity, governance, risk and control (GRC) technology enablement, business and/or IT GRC, continuous monitoring, vendor and    Read more

contract risk management and IT risk management. You will belong to an international network of specialists helping our clients transform risk functions and implement technology solutions that support risk management and governance.

We will support you with career-long training and coaching to develop your skills in risk strategy, risk function design, risk management and performance enhancement. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

The opportunity

As part of our governance, risk and compliance team, focusing on high-impact opportunities, you’ll extend your capabilities in governance, risk and compliance. Applying your knowledge and experience to shape our services, you’ll focus on client opportunities where your expertise can make a substantial impact. You’ll apply your knowledge and experience to shape our services and motivate your team. You’ll build valuable relationships with clients and develop strong capabilities, through both formal training and working with senior mentors and talented colleagues.

Your key responsibilities

This is a role where no two days are the same – so you’ll find yourself taking on plenty of new responsibilities as you go. You’ll work alongside clients and colleagues, balancing your time between developing security strategies, advising stakeholders, providing workshops and supporting business development. If you’re flexible and ready to adapt to a constantly changing environment, there’s no better place to develop your skills. Since you’ll be working directly with clients, some travel will be required.

Skills and attributes for success

Effectively manage and motivate client engagement teams with diverse skills and backgrounds.

Consistently deliver quality client services and manage expectations of client service delivery.

Drive high-quality work products within expected timeframes and on budget.

Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes.

Stay abreast of current business and industry trends relevant to the client's business.

Develop and maintain long-term relationships and networks with clients and internal EY stakeholders

Demonstrate deep technical capabilities and professional knowledge.

Possess in depth business acumen and demonstrate ability to quickly assimilate to new knowledge.

Remain current on new developments in advisory services capabilities and industry knowledge.

Requirements

To qualify for the role you must have

A recognized university degree in accounting, business, information technology, engineering, mathematics or other relevant discipline

At least 5 years of relevant consulting or industry experience, preferably in a professional services environment or MNC.

Understanding of reporting requirements

Practical experience and understanding of technology and business processes in providing related risk assurance and advisory considerations

Strong project management skills

Experience in engaging and managing a variety of stakeholders with an ability to consult and develop remediation options, risk mitigation solutions

Experience with implementation of Commercial Controls Modernization program including development, testing and exception management

Proficiency with Microsoft Excel, Access, Word, and PowerPoint

Strong analytical, interpersonal, communication, writing and presentation skills

Demonstrates integrity, values, principles, and work ethic

Ideally, you’ll also have

Professional certifications such as Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Fraud Examiner (CFE), Certified Prince2 Professional or PMP certified

What we look for

Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry. An effective communicator, you’ll be a confident leader equipped with strong people management skills and a genuine passion to make things happen in a dynamic organization.

What working at EY offers

We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. We also offer you:

Support, coaching and feedback from some of the most engaging colleagues around

Opportunities to develop new skills and progress your career

The freedom and flexibility to handle your role in a way that’s right for you

About EY

As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Join us in building a better working world. Apply now.

Skills
iKas International
16Jan
AVP/VP Information Security Officer / BISO
iKas International   via E-FinancialCareer

/br>
Being part of Global BUsiness Information Security Team at a major financial firm, you will be be responsible for Information Security Controls and Cyber Security enforcement.

Key Responsibilities

Assist in the review, development, testing and implementation of security plans, products and control techniques, including enhancement of existing processes and service offerings.

In addition, the team may be asked to provide technical support to the client, management, and staff in risk    Read more

assessments and implementation of appropriate data security procedures and products.

Candidate must be able to meet demands associated with managing multiple projects in a global environment and assist with tracking of overall BISO Operations success

Key Requirements

5 to 10 years of experience in cyber security or a high competency in a related technology field domain

Experience in vulnerability assessment, security incident response, and application security

Evaluating threats/risks posed by new technologies spanning networks, hardware, software, etc.

Experience in analyzing and responding to advanced cyber threats, technology risk and the motivation/attack vectors of each threat

Experience in implementation of information security strategy, including compliance with industry best practices and regulatory requirements.

Preferred Certifications: CISSP (ISC2), CISA (ISACA), CCIE (Cisco), TOGAF, CCTA (McAfee), CCFP (ISC2), QISP (AISP), CIT/CWAT (CREST) etc.

The role will give you depth of experience at global level. Please send your CVs at akocar@ikasinternational.com with Subject "AVP/VP Information Security Officer / BISO"

Company Number: 200914065E / EA Number: 09C4763 / Registration No: R1110480

iKas International (Asia) Pte Ltd is a registered Employment Agency with the Singapore Ministry of Manpower (EA License Number: 16S8086

"Personal data collected will be used for recruitment purposes only"

Skills
Success Human Resource Centre Pte Ltd
16Jan
Security Analyst Engineer - Up To $5000 + Completion/Performance Bonus
Success Human Resource Centre Pte Ltd   via JobsCentral



1 year contract

Ang Mo Kio

Shift work required

Up to $5000 + Completion/Performance Bonus

Responsibilities:

Appraised of the current state ofcomputer security in place in the organization

Technically proficient and up-to-date in basic computer security policies and practices

Proactive in preventing Cyber-Security Incident

To perform technical security assessment for IT & Network components - Vulnerability assessment, Penetration testing, Opportunistic Hacking, Web application security testing, Security source code review etc.

To    Read more

monitor and track the identified vulnerability, issues and fix detected vulnerabilities to maintain a high-security standard.

Be familiar with browser, Web service, cloud security, mobile applications security, and operating system security concepts

Understanding of leading vulnerability scoring standards and ability to translate vulnerability severity as security risk

Perform forensic investigation if required.

Review all security logs.

Period:

1 year contract

Location:

Ang Mo Kio

Working Hours:

12hours shift

2 days off

2 days work

Salary:

Up to $5000 + Completion/Performance Bonus

Requirements:

Degree in Computer Engineering, Computer Science or equivalent, although consideration will be given to experience and certifications in lieu of degree.

At least 5 years' experience in cyber security

Certifications such as CREST, OSCP and CISSP (Not a must to have all)

Able to perform PenTest, Vulnerability Assessment & Risk Assessment

Strong in technical skill

Able to handle demanding service response and recovery turnaround

Able to manage daily support tasks to meet stringent SLA requirements

Excellent scheduling and multitasking skills

Meticulous and process-oriented

Interested applicants, kindly email your detailed resume (MS Word format is preferred):

[Click Here to Email Your Resume] (Reg No: R1107386)

Please ensure that applications sent through email are no bigger than 1Mb.

We thank all applicants for your interest but regret to inform that only shortlisted candidates would be notified.

Success Human Resource Centre Pte Ltd (EA License Number: 97C4832)

1 Sophia Road, Peace Centre,

#06-23/29 Singapore 228149

T: 6337 3183 | F: 6337 0329 | W: www.successhrc.com.sg

Skills