MINIMUM REQUIREMENTSEDUCATION :Bachelor's Degree in computer science, engineering, or relevant field.EXPERIENCE :At least 5 years of experience in information technology, 2 years experience in information security focusing on ITgovernance, network or application security.SPECIFIC KNOWLEDGE:Problem Solver Mindset, Strong Project Management Knowledge with documentation, Knowledgeable in productdevelopment lifecycles, Knowledgeable software development lifecycles, Strong leadership and team buildingcharacteristics, Expertise and Experience in Banking and Digital Transformation projects.BUSINESS UNDERSTANDING:Understanding of advanced business planning and regulatory issues. Keep abreast of technology trends,competitors' activities, and related regulations.SPECIFIC DUTIES AND RESPONSIBILITIES? Overall incharge of managing and improving existing Internal Applications and itsinteraction to Stakeholders. (i.e. Clients, Business Units, Execom)? Conducts and improves project application security risk and threat assessment process to identify the securityposture of the project.? Runs vulnerability scan, penetration testing, and exploit code execution for systems to ensure that the securityof the application that will be deployed in the live environment meets the global standards. Update theinformation security workbook for the newly identified vulnerabilities.? Performs security assessment, and reviews architecture and design patterns on mobile projects and APIs(Application Program Interface) to secure the applications from malicious threat actors.? Analyzes results of reconnaissance, automated scan, and penetration testing to document and identifyvulnerabilities and remediations. Verify if there is a CVE value for the identified vulnerabilities.? Recommends technical solutions to the vulnerabilities identified during assessment and reviews the accuracyof the recommended remediation by the security specialist.? Reviews the application libraries or components by applying in-depth methods of application security to identifythe potential security flaws of the project.? Conducts Static Application Security Testing (SAST) to identify the attack vectors in the source code, andrecommends remediations to prevent exploitation by threat actors. Assess the viability of the SAST toolquarterly and recommend it if needed.? Researches new security technologies from various platforms and presents the research findings to the teamfor Information Security Summit Topics.? Attends, documents and coordinates project kick-offs with the software development team to provide feedbackon the potential concerns that may be encountered in the project development.? Facilitates information security training to educate the users to protect the company data against threat actors.SALARY RANGE: 40,000-60,000WORK LOCATIONS: Makati, Permanent hybrid set-uPWORK SCHEDULE: Day shift (8-5, 9-6, 10-7)