Sign in or register for a JobTech account.

Jobs that require application security design skill

MHA - Singapore Police Force (SPF)
19Mar
Manager (ICT Security Management) IGSD - PTD
MHA - Singapore Police Force (SPF)   via Careers@Gov



ICT SECURITY MANAGEMENT MANAGER (ISGD)

The Police Technology Department equips the Singapore Police Force (SPF) with effective and relevant technological capabilities to achieve the SPF’s mission to prevent, deter and detect crime. We constantly explore, assess and adapt cutting-edge technology to support our frontline Police officers, enhance policing efforts, and help fight crime. If you have a passion to use your technical skills to help the community and safeguard    Read more

Singapore, join us!

As Manager, ICT Security Management, you will assist Head, ICT Security Management in identifying, assessing, monitoring and mitigating security threats and risks to Singapore Police Force’s Information-Communication Technology (ICT) infrastructure and systems and digital information assets, as well as carrying out policy alignment and compliance activities.

You will be placed on the Home Team Specialist Scheme.

JOB EXPECTATIONS

You are also required to assist Head, ICT Security Management to establish security engineering standards and testing policies and to react accordingly to the changing technological, security and threat landscape.

You will have to be accountable for the security engineering and assurance through development of security hardening baselines and security test plans, and utilise security testing tools validate security posture of SPF ICT systems. This includes assessing systems deployed island-wide and on offshore islands to identify non-compliance to policies, standards and agreed system security design.

In addition, you will have to enforce security design on all SPF ICT systems and infrastructure, digital information assets and implement robust controls to mitigate the security risks.

You may be assigned other tasks as required by Assistant Director, ICT Security & Governance Division (ISGD) and Head ICT Security Management.

REQUIREMENTS

Computer Science or Information Technology or any other related fields

Possess Certified Information Systems Security Professional (CISSP) is preferred.

Ability to multi-task and work under extreme pressure with tight deadlines

Possess good writing, communication and interpersonal skills

Meticulous in planning

APPLICATION

To be part of our team, please submit an online application via www.careers.gov.sg.If you are short-listed, you will be notified within two weeks after the closing date for applications.

Skills
Sea Group
19Mar
EPM/BI Support Analyst
Sea Group   via Sea Group



Work closely with internal subject matter experts to ensure successful deployment of EPM and BI across the enterprise; ensure operational integrity of EPM and BI components including Financial Consolidation, Planning, Oracle Data Integrator, and Microsoft Power BI

Support system based activities including but not limited to:

1. Manage and update dimension members

2. Configure Application settings

3. Administer and monitor security

4. Maintain rules and member list files

5. Manage mapping files

6. Develop    Read more

report and analytics

7. Perform data extracts and loads

8. Ensure integrity of backups

9. Performance tuning and assist in technical process improvements

10.Develop security and controls functionality to support application security and internal audit requirements

Develop and deliver documentation and end-user training to the user community and provide user support with data submission/mappings, data grids, reporting, and use of applications

Participate in the development, implementation, and enforcement of policies, procedures, and controls related to EPM environment, processes, and reports

Work across departments to ensure that financial tools and processes are consistent with the overall objectives of the organization

Assist on various projects as required

Requirements

Bachelor's degree in Information Technology, Accounting, Business or Finance

Over 3 years of experience in administering Oracle EPM or Microsoft Power BI

Extensive knowledge of HFM and Planning, or Power BI

Prior experience in Oracle EPM or Microsoft Power BI implementations

Ability to write HFM and Hyperion Planning rules or ability to write Power BI DAX and M Language

Strong business analysis skills, including process mapping, business process redesign, and implementation

System implementation skills: requirements/process analysis, conceptual and detailed design, configuration, testing, training, change management and support

Strong interpersonal and team building skills; ability to work with a diverse team and influence/drive change across functional and business boundaries

Excellent communication skills with the ability to grasp complex concepts and the ability to communicate internally with all stakeholders

Strong problem solving and analytical skills

Hardworking with acute attention-to-detail skills and a good work ethic

Knowledge in programming language (e.g. Python, VBA) is a plus.

Skills
Xtremax Pte Ltd
18Mar
Application Security Consultant
Xtremax Pte Ltd   via JobsCentral



We are looking for experienced security professionals who can help our clients achieve a secured environment for their applications and web information. You must have strong experience in performing penetration testing and vulnerability management services for applications, network systems, operating systems and database. Candidates should have experience with black box, grey box, and white box testing. Selected candidates will work on a whole-of-government platform that hosts close to    Read more

500 web applications.

Responsibilities

Conduct security assessments such as penetration and vulnerability tests

Generate security reports

Evaluate and develop security solutions

Proactively assesses potential items of risk and opportunities of vulnerabilities in the network

Installation, configuration, monitoring and response to security system

Keep updated on knowledge of the IT security industry: including awareness of new or revised security solutions, security standards, trends / best practices, offensive techniques and tools

Collaborate and work well together in the IT Security team

Requirements

Good knowledge in web application and/or network infrastructure security

Experience in addressing web application security issues, such as those outlined in OWASP Top 10

Have good communication and report writing skills

Bachelor’s degree in IT-related field of computer science, computer engineering, information security, or equivalent

Certifications such as OSCP, CREST CCT or CRT are highly desirable and preferred

Skills
Xtremax Pte. Ltd.
18Mar
Application Security Consultant
Xtremax Pte. Ltd.   via JobsCentral



Roles & Responsibilities

We are looking for experienced security professionals who can help our clients achieve a secured environment for their applications and web information. You must have strong experience in performing penetration testing and vulnerability management services for applications, network systems, operating systems and database. Candidates should have experience with black box, grey box, and white box testing. Selected candidates will work on a whole-of-government platform that hosts    Read more

close to 500 web applications.

Responsibilities

Conduct security assessments such as penetration and vulnerability tests

Generate security reports

Evaluate and develop security solutions

Proactively assesses potential items of risk and opportunities of vulnerabilities in the network

Installation, configuration, monitoring and response to security system

Keep updated on knowledge of the IT security industry: including awareness of new or revised security solutions, security standards, trends / best practices, offensive techniques and tools

Collaborate and work well together in the IT Security team

Requirements

Requirements

Good knowledge in web application and/or network infrastructure security

Experience in addressing web application security issues, such as those outlined in OWASP Top 10

Have good communication and report writing skills

Bachelor’s degree in IT-related field of computer science, computer engineering, information security, or equivalent

Certifications such as OSCP, CREST CCT or CRT are highly desirable and preferred

Skills
United Overseas Bank Ltd (UOB)
18Mar
Vp, Vulnerability Management , Ciso
United Overseas Bank Ltd (UOB)   via JobsCentral



About UOB

United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices.

Our history spans more than 80 years. Over    Read more

this time, we have been guided by our values — Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.

About the Department

The Technology and Operations function is comprised of five teams of specialists with distinct capabilities: business partnership, technology, operations, risk governance and planning support and services. We work closely together to harness the power of technology to support our physical and digital banking services and operations. This includes developing, centralising and standardising technology systems as well as banking operations in Singapore and overseas branches.

Information Security - Vulnerability Management

Job Description

Conduct regular perimeter or internal application and network vulnerability scanning

Responsible for researching and analyzing vulnerabilities, identifying relevant threats, corrective action recommendations, summarizing and reporting remediation results

Work with internal departments or application teams for addressing vulnerabilities include system patching, deployment of specialized controls, code fix or infrastructure changes

Identify and resolve any false positive findings in assessment results

Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible application owner and support teams

Build effective relationships with stakeholders who own and support applications, IT infrastructure, and operations

Review web application firewall (WAF) and Trend Micro Deep Security (HIPS) policies

Utilize business and technical expertise to develop Splunk use cases and build Splunk apps, complex searches, custom reports/dashboards to meet business requirements

Support clustered Splunk deployments and optimize system configurations

Qualifications:

Bachelor's degree in a related field and/or a minimum of 3-5+ years of experience in performing vulnerability assessments, or equivalent experience

Experience using Rapid7 Nexpose and Tenable Nessus as the primary vulnerability scanners

Understanding of security controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security)

Experience in scripting (PowerShell, Python, Ruby, etc.) or programming

Excellent problem solving and troubleshooting skills

Ideally one or more security certifications (e.g. CISSP, OSCP, GPEN) or related certifications

Experience with Splunk in large scale & clustered Splunk deployment and/or experience in developing Splunk applications

Experience in configuring Splunk Search Heads, Indexers, and Universal Forwarders in a distributed environment

DevOps familiarity with Chef (or Puppet/Ansible), Git and Jenkins

Familiarity with security tools such as web application firewall, host instruction prevention system, file integrity monitoring, privileged session monitoring

Self-motivated and able to collaboratively with both customers and other team members, and deliver results with minimal supervision

Project Management experience

Be a part of UOB Family

Apply now and make a difference.

Skills
DBS Bank Ltd.
17Mar
Contract Senior, Application Security Engineer, It Shared Services, T&O (Wd00599)
DBS Bank Ltd.   via JobsCentral



Roles & Responsibilities

Business Function

Group Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Bank's operational processes and inspire to delight our business partners through our multiple banking delivery channels.

Purpose

This candidate will lead the onboarding to multiple Security    Read more

platforms: SAST (Fortify), DAST (WebInspect), Third party risk (open source and propriety). They will also provide advisory to project teams on software security and platform related topics

Accountabilities

Lead the support of SAST, DAST, OSS Risk platforms

Provide expertise to drive the bank-wide standardisation of software security tools usage, around industry leading practices, and support the adoption.

Lead the onboarding to SAST,DAST, OSS Risk platforms

Improve the core security knowledge of the team in order to support the onboarding to the platform

Provide Security requirements and security testing advisory to the project teams

Responsibilities

Support the Software Security Initiative in driving the transformation of application security across the Bank

Support the team in the design and build the DevSecOps toolchain.

Support the onboarding to the SAST and DAST platforms and Open Source Software Risk platform

Conduct software security trainings and/or “Office Hour Talks” on a periodic basis

Occasional travel (quarterly) to regional office in DBS India is required

Requirements

Approx. 5 years’ experience in an application development role, of which at least 2 years should be in an application security capacity

Good understanding of Secure SDLC (or “Secure By Design”) framework

Knowledge and hands-on experience with SAST/DAST tools

At least 1 year experience with Security Testing and/or Penetration Testing

Experience with IAST, Open Source Software Scanning tools is an advantage

Either possessing CISSP/CSSLP or equivalent certification, or is a candidate to achieve the certification(s)

Able to work with technology experts at all levels of the hierarchy with credibility

Open to new ideas and prepared to innovate – showing flexibility

Skills
M1 Limited
17Mar
Senior/Network Security Engineer, Cloud Solutions
M1 Limited   via JobsCentral



Roles & Responsibilities

Plan, design, implement, configure, maintain and troubleshoot network security devices and applications

Deploy Next Generation firewall including IPS / IDS / UTM. Identify appropriate firewall solution to customers

Streamline security policies, conduct vulnerability assessment and updates

Provide analysis of firewall / IDS / IPS logs and deliver monthly Service Report and Incident Report

Provide technical expertise, guidance on IT security design, understanding of SIEM requirements

Engage IT Security Consultant in Risk    Read more

Assessment discussions

Participate in network security design assessment and respond to / investigate security advisories

Requirements

Degree or Diploma in IT / Computer Science or it related discipline

Minimum 5 years’ experience in managing and implementing security infrastructure such as firewall / IDS / IPS / etc.

Working experience with Cisco, Palo Alto, Check Point, Fortinet, Juniper or any other Firewall devices

Certification in CISSP (Certified Information Systems Security Professional), CISM (Critical incident stress management), CISA (Certified Information Systems Auditor), or equivalent

Good understanding in the area of IP networking, WAN routing and LAN switching, with CCNA (Cisco Certified Network Associate), JNCP (Juniper Networks Certification Program) or equivalent.

Good communication skills and ability to convey complex security concepts to all levels of management

Technical knowledge or experience integration with other products would have added advantage

Skills
M1 Limited
17Mar
Senior/Network Security Engineer
M1 Limited   via JobsCentral



Roles & Responsibilities

Plan, design, implement, configure, maintain and troubleshoot network security devices and applications

Deploy Next Generation firewall including IPS / IDS / UTM. Identify appropriate firewall solution to customers

Streamline security policies, conduct vulnerability assessment and updates

Provide analysis of firewall / IDS / IPS logs and deliver monthly Service Report and Incident Report

Provide technical expertise, guidance on IT security design, understanding of SIEM requirements

Engage IT Security Consultant in Risk    Read more

Assessment discussions

Participate in network security design assessment and respond / investigate security advisories

Requirements

Degree or Diploma in IT/Computer Science or it related discipline

Minimum 3 years’ experience in managing and implementing security infrastructure such as firewall/IDS/IPS, etc

Working experience with Cisco, Palo Alto, Check Point, Fortinet, Juniper or any other Firewall devices

Certification in CISSP (Certified Information Systems Security Professional), CISM (Critical incident stress management), CISA (Certified Information Systems Auditor), or equivalent

Good understanding in the area of IP networking, WAN routing and LAN switching, with CCNA (Cisco Certified Network Associate), JNCP (Juniper Networks Certification Program) or equivalent.

Good communication skills and ability to convey complex security concepts to all levels of management

Technical knowledge or experience in integration with other products would have added advantage

Skills
AXS Pte Ltd
17Mar
Assistant Manager, It Security
AXS Pte Ltd   via JobsCentral



The candidate will be required to:

Perform IT Security reviews, Penetration testing and schedule assessments

Develop and conduct security awareness trainings for internal staff

Coordinate and review monthly security assessment reports for external customers

Manage security solutions and ensuring availability to support business operation

Analyse cyber threat from network traffic, security logs and relevant security data

Assess vulnerabilities, risks and cyber security threats and their impact to applications

Perform    Read more

security incident response and root cause analysis

Evaluating and recommending cyber security technologies and solutions

The preferred candidate would:

Possess an IT-related degree with at least 5 years of relevant experience would be preferred

Have knowledge in standards such as MAS TRM, PCI/DSS, ISO27001

Holds or working towards CISA/CISM/CISSP certification

Be self-driven and independent, with good attention to detail and quality

Have good communication and interpersonal skills to deal effectively with others

Possess good understanding and knowledge of current cyber security trends, threats, solutions and tools

Have working knowledge of security services such as Encryption, Privileged Access Management, Application Security and Network Security

Possess good analytical, organizational, communication and interpersonal skills

Candidates with more experience will be considered for a Manager-level position

Skills
United Overseas Bank Ltd (UOB)
17Mar
Fvp, Technical Delivery Manager, Gto
United Overseas Bank Ltd (UOB)   via JobsCentral



Job Title

Technical Delivery Manager

Job Responsibility

Plan technical deliverables (including any system enhancements and upgrades) to meet project’s requirements within allocated budget and schedule.

Plan & collaborate across different application teams to manage technical dependencies of the solution

Plan, monitor and manage risks/issues related to technical delivery

Provide status update relatedto technical delivery to Project Manager (PM)

Partner with System Analysts and Business Solution Specialist to collate, understand    Read more

and finalize functional and technical requirements

Partner with Architects and Development Lead to ensure solution design complies with enterprise design principles, security and control standards

Partner with Development Manager in managing application teams to build the enhancements

Partner with Test Manager to ensure completion of System Integration Testing (SIT), User Acceptance Testing (UAT), performance / load testing and application security testing with quality results

Manage technical implementation plan across application teams - coordinate technical implementation activities across application teams toensure non-event production cutover and adequate post implementation support

Escalate issues that impacts project schedule on timely basis and propose workarounds/resolutions

Job

Requirements

Technical Skills & Experience

Strong technical knowledge and/or platform knowledge (e.g. Murex)

Good business domain knowledge in at least one area (e.g. Retail and Corporate Loans Origination)

More than 7 years track record in developing and delivering global/regional IT capabilities for a multi-national/regional company with annual budgetary responsibility

More than 3 years leadership experience in managing IT delivery teams

Experience in communicating with technical stakeholders

Experience in banking industry preferred

Experience in implementing large-scale, highly available applications or other large project implementation

Experience in service-oriented technologies

Proven result-oriented person with a focus on delivery

Experience in actual systems development work, with prior coding, functional specifications and technical specifications and systems development and testing experience (in aggregate no less than 8 years)

Good understanding and experience in software development cycle

Highly effective communicating with technical stakeholders, proficient communicating with non-technical stakeholders

Good problem solving, analytical, synthesis, system thinking and solutioning skills

Education

Bachelor's degree in computer science, engineering or similar domain

Related professional/technical qualification will be advantageous although not mandatory

Skills