Job scope
- Provide security consultancy, technical guidance, expertise, and solutions.
- Advise and review application security design to detect potential security issues and for each issue, propose and drive remediation tasks.
- Help application team in developing and implementing security test and verification scripts for testing and validating security controls/issues.
- Able to engage and execute security vulnerability scanning activities (VAPT/SAST/DAST/MAST activities etc) & triage security findings.
- Define scope and review the results of security tests, reviews, and audits to ensure security assurance is achieved.
- Identify and assess cyber risks in the application and network.
- Perform threat modelling on security-critical applications.
- Recommend and drive cyber security solutions and initiatives to improve the cyber security of the organisation.
- Deliver security projects, such as the implementation of security software, POC of DevSecOps tool and create rules/scripts that help identify latest security issues
- Ensure clients' compliance policies/procedures are met through ongoing security reviews, audits, and exercises.
- Improve DevSecOps implementation and provide assistance to developer in understanding the vulnerabilities reported by the tool
Job requirement
- Bachelor's degree in computer science, or any equivalent
- Around 2 years' experience in DevSecOps
- Good understanding of Application Vulnerability
- Should be able to provide Mitigation and Remediation Steps to engineering team to fix these vulnerabilities.
- Should also know the impact of each vulnerability so that they can calculate the risk to the organization accordingly
- Able to perform Secure Design Review and identify potential security risk DevSecOps.
- Familiar with Gov standard of security posture including planning and running Security Compliance Check, Security Vulnerability Scanning
- Familiar with IM8 policies
- Familiar with SSO, OpenID Connect(OIDC)/ Security Assertion Markup and Multi-Factor Authentication (MFA) Framework
Cristina Malabuyoc Malijan EA License No. 02C3423 Personnel Registration No. R1111547
Please note that your response to this advertisement and communications with us pursuant to this advertisement will constitute informed consent to the collection, use and/or disclosure of personal data by ManpowerGroup Singapore for the purpose of carrying out its business, in compliance with the relevant provisions of the Personal Data Protection Act 2012. To learn more about ManpowerGroup's Global Privacy Policy, please visit https://www.manpower.com.sg/privacy-policy