Web Application Security and Architecture Specialist recruitment
Our client has established the IS Risk Management Office which governs the overall IS risk management posture that includes Information Security, Business Continuity DR, IS Privacy, IS Compliance, and IS Audit. It works with the Global IS Risk Management Office and the head regional IS Risk Management Office.
Our client’s IS Risk Management Office organization is staffed by highly qualified professionals with at least two industry accepted industry recognised information security certifications (CISSP, CISA, CISM). These individuals have at least 5 years of prior experience focusing on a company’s IS risk management maturity level from a strategic, planning, execution and overall daily operations perspective.
Main Responsibilities:
- Responsibility for managing web application security framework including testing, code review and assessment.
- As a security consultant to propose new security technology and work with architecture team from design to deployment phase.
- Working with application team and provide consultancy services to them.
- Maintain web application and DB security framework and guidelines.
- Reviewing business impact, risk assessment and security architecture.
- Builds the architecture framework through a consistent set of security principles, technology standards and architectural constructs which guide the solution design, engineering and deployment.
- Propose and recommends strategy and direction to mitigate security risks within the IT architecture and infrastructure. At least 5-year experiences in IT Security/IT Risk/Information Security/Technology Risk field.
- Hands-on experience on analysing Web application/Network/Wireless/DB Security.
- Knowledge and experienced in structured programming language, database management/development systems (Visual Basic, HTML, ASP, JavaScript, SQL server and Microsoft Access etc;).
- Hands-on experience on analysing Web application/Network/Wireless/DB Security.
- Knowledge and experienced in structured programming language, database management/development systems (Visual Basic, HTML, ASP, JavaScript, SQL server and Microsoft Access etc;).
- Understanding of Information Security and Risk Management. Security models and best practices; Effects of technology adoption on the security and control of systems (Business and IT); Standard methodologies for the creation of security frameworks, policies and procedures.
- Knowledge in SOX, SSAE16, privacy and relevant compliances.
- Deep knowledge and experience on information technologies of servers / clients (Windows / Unix/AIX), Network, (Cisco) Firewall / IDS, Databases (SQL, DB2, ORACLE etc;). Antivirus/malware etc;
- Understanding of access controls, (Logical, physical, systems and applications)
- Experiences in deploying security solutions (such as Vulnerability management, Patch Management, Log management or DLP solution etc;)
Soft Skill:
- Able to work under pressure, time and task management.
- High integrity and professional work practice.
- Strong initiative, flexible and personal drive for results.
- Good team player and able to work on own role independently.
- Good analytical, problem solving and project management skills.
- Strong presentation and interpersonal skills, with good customer focus and relationship management.
- Motivated and adapt to new environments
Language:
English (Native or TOEIC 750 above)
Japanese (Native or N1)
Certifications:
CISSP, CISM, CISA, Security+, BCI/DRI, ISO25999 certification
For interested candidates, please send your application by clicking the “Apply” button or send your CV to info@stpsearch.com quoting reference number STPVM-J#383. For a complete list of our current IT opportunities, please visit www.stpsearch.com.