Specialist, Application Security

**Location**

Singapore, Central Singapore

**Job Type**

Permanent

**Salary**

$4,500 - $8,200 Per Month

**Date Posted**

3 hours ago

Additional Details

**Job ID**

5677

**Job Views**

1

Roles & Responsibilities
- Opportunity to **be a part of Compliance & Risk Management organization in Singapore**:

- **Based in Singapore**, the regional hub for Asia Pacific (AP) and top-ranked biopharmaceutical company on The Straits Times and Statista’s list of Best Employers in Singapore for two consecutive years (2020, 2021).
- Join the **premier biopharmaceutical company** that has been in Singapore for more than **25 years and in AP for over 60 years.**

Our IT team operates as a business partner proposing ideas and innovative solutions that enable new organizational capabilities. We collaborate internationally to deliver the services and solutions that help everyone to be more productive and enable innovation.
**WHAT YOU WILL DO**

**Primary Responsibilities**

Cloud Security
- Propose and align with Cloud Security functional leads or manager on objectives and key success factors or results for global or regional initiatives and projects. Take the lead and deliver on objectives.
- Be responsible for evaluating new cloud solutions and developing the supporting security approaches required to incorporate new cloud technologies in a safe and secure manner.
- Participate and contribute to cross functional engagements, achieve risks and compliance objectives. Cross functional teams include:
a. Cyber Fusion Center in Singapore and/or US

b. Cybersecurity Engineering, namely

i. Identity & Access Management

ii. Data, Network

Application Security
- Propose and align with Application Security functional leads or manager on objectives and key success factors or results for global or regional initiatives and projects. Take the lead and deliver on objectives.
- Support the implementation of DevSecOps across regional Application Development teams
- Participate and contribute to cross functional engagements, achieve risks and compliance objectives. Cross functional teams include:
a. Software or Application Development

b. Cyber Fusion Center in Singapore and/or US

c. Cybersecurity Engineering, namely

i. Identity & Access Management / IAM Governance

ii. Security Data Analytics

Competencies
- Design a robust and coherent cloud security architecture based on key design principles. Identify and evaluate cloud security solutions or design patterns meeting organizational requirements.
- Establish a collaborative governance structure around the use of new cloud features to establish an agreed risk posture.
- Define the requirements, best practices, and lead the collaborative development of cloud security system/service architecture, design and engineering.
- Define identity security or governance strategy in the cloud. Evaluate cloud-based solutions, establish processes, policies, and enforcement controls to achieve organizational cloud security strategy for identity security.

Leadership
- A team-focused mentality with the proven ability to work effectively with diverse stakeholders.
- Understand business needs and commit to delivering high-quality, prompt, and efficient service to the business.
- Ability to communicate well to diverse audiences, clear and concise in presentations
- An ability to work extremely well under pressure while maintaining a professional image and approach.
- Self-motivation, personal drive, and high energy.

Technical Knowledge

Good knowledge and experience with the following concept, methodology, products, platforms, services, and protocols.
- Cloud Platforms & Services. E.g., PaaS, IaaS, SaaS, CASB, SASE.
- Extensive knowledge and experience in Risk Management and Information Security, Identity & Access Management, and Identity Governance & Administration.
- Dynamic Application Security Testing & Static Application Security Testing. Using tools such as Fortify on Demand, WebInspect.
- Software Composition Analysis, Open Source Security. Using tools like Black Duck.
- Data Encryption & Key Management.
- API Security
**WHAT YOU MUST HAVE**

To be successful in this role, you will have:
**Education Minimum Requirement**:
BS in Information Security, Computer Science or Engineering or equivalent experience.
**Required Experience and Skills**:

- 3 to 5 years of experience in risk management and security and/or regulated or compliance environment.
- Ability to connect with stakeholders on processes and information, both in the local region and abroad is essential.
- Familiarity with Agile methodology, Software Development Lifecycle (SDLC) and IT Information Library (ITIL).
- Familiarity with information security program frameworks, including ISO 27001/2, COBIT, NIST and MITRE.
- Familiarity with laws and regulations, such as PCI-DSS, GDPR, HIPAA, SOX, or GLBA.
- Excellent oral and written communication skills possess good presentation skills.
- Relevant certifications are desired.

Our Support F