About Our Client

The company is a multinational bank that caters to global markets.

Job Description

Application Security Analysis: Perform thorough security assessments of applications throughout the SDLC, identifying vulnerabilities and implementing remediation strategies to ensure robust security measures are in place.
Security Framework Development: Design and implement security frameworks and best practices for the application development lifecycle, fostering a culture of security-first thinking among engineering teams.
Collaboration: Work closely with cross-functional teams, including software developers, QA engineers, and DevOps, to educate and enforce secure coding practices, threat modeling, and vulnerability management.
Risk Assessment: Conduct risk assessments and threat modeling sessions to evaluate potential security risks related to new and existing applications, proposing actionable solutions and enhancements to mitigate said risks.
Incident Response: Collaborate with the incident response team to investigate security breaches, perform root cause analysis, and recommend preventive measures to protect application integrity.
Security Tools Implementation: Evaluate, recommend, and deploy security tools and technologies to automate security testing and monitoring within the application release pipeline.
Compliance Assurance: Ensure that applications comply with industry regulations and standards (e.g., PCI DSS, ISO 27001), and assist in audits by providing security documentation and findings as required.
Continuous Learning: Stay updated on the latest security threats, vulnerabilities, and industry trends to continuously improve the organization's security posture.

The Successful Applicant

Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
Experience: Minimum of 8 years of hands-on experience in IT security, with a strong emphasis on application security in the banking or fintech sectors.
Certifications: CISSP certification is required; additional certifications (e.g., CEH, AppSec, OWASP) are a plus.
Technical Skills:
  Proficiency with security tools and technologies, such as static and dynamic application security testing (SAST/DAST) tools, identity and access management (IAM), web application firewalls (WAF), etc.
  Familiarity with programming languages (e.g., Java, C#, Python) and secure coding practices.
  In-depth knowledge of security frameworks and standards, including OWASP Top Ten, NIST, and ISO 27001.
Soft Skills: Strong analytical and problem-solving abilities; excellent communication and interpersonal skills to articulate security concepts to technical and non-technical stakeholders.

What's on Offer

Competitive Salary
Competitive HMO & Health Benefits
Performance Bonus
Leave Incentives