Senior Specialist, Application Security

**Primary job a**ctivities include**:

- Cloud SecurityPropose and align with Cloud Security functional leads or manager on objectives and key success factors or results for global or regional initiatives and projects. Take the lead and deliver on objectives.

Be responsible for evaluating new cloud solutions and developing the supporting security approaches required to incorporate new cloud technologies in a safe and secure manner.

Participate and contribute to cross functional engagements, achieve risks and compliance objectives. Cross functional teams include:

- Cyber Fusion Center in Singapore and/or US
- Cybersecurity Engineering, namely
- Identity & Access Management
- Data, Network & OT
- Application Security_

Propose and align with Application Security functional leads or manager on objectives and key success factors or results for global or regional initiatives and projects. Take the lead and deliver on objectives.

Support the implementation of DevSecOps across regional Application Development teams

Participate and contribute to cross functional engagements, achieve risks and compliance objectives. Cross functional teams include:

- Software or Application Development
- Cyber Fusion Center in Singapore and/or US
- Cybersecurity Engineering, namely
- Identity & Access Management / IAM Governance
- Security Data Analytics
- Operational Technology (OT) Security
- Competencies
Design a robust and coherent cloud security architecture based on key design principles. Identify and evaluate cloud security solutions or design patterns meeting organizational requirements
- Establish a collaborative governance structure around the use of new cloud features to establish an agreed risk posture.
- Define the requirements, best practices, and lead the collaborative development of cloud security system/service architecture, design and engineering.
- Define identity security or governance strategy in the cloud. Evaluate cloud-based solutions, establish processes, policies, and enforcement controls to achieve organizational cloud security strategy for identity security- Leadership_

Foster collaboration, listen and learn from stakeholders and people with different cultures across functional areas

A team-focused mentality with the proven ability to work effectively with diverse stakeholders.

Build talents and enable them to succeed. Set an example and share the knowledge

Understand business needs and commit to delivering high-quality, prompt, and efficient service to the business.

Ability to communicate well to diverse audiences, clear and concise in presentations

An ability to work extremely well under pressure while maintaining a professional image and approach.

Self-motivation, personal drive, and high energy.
- Technical Knowledge
- Good knowledge and experience with the following concept, methodology, products, platforms, services, and protocols.
- Cloud Platforms & Services. E.g., PaaS, IaaS, SaaS, CASB, SASE
- Extensive knowledge and experience in Risk Management and Information Security, Identity & Access Management, and Identity Governance & Administration
Dynamic Application Security Testing & Static Application Security Testing. Using tools such as Fortify on Demand, WebInspect,
- Software Composition Analysis, Open Source Security. Using tools like Black
- Duck Data Encryption & Key Management
- API Security
- Others_

May require occasional off-hours work

**We offer**:
Competitive remuneration Position in a world leading global company Challenging career Professional growth based on performance Innovative working environment Wide range of benefits

**Qualifications, Skills & Experience**:

- Education: BS in Information Security, Computer Science or Engineering or equivalent experience.
- At least five (5) years of experience in risk management and security and/or regulated or compliance environment
- Ability to connect with stakeholders on processes and information, both in the local region and abroad is essential
- Familiarity with Agile methodology, Software Development Lifecycle (SDLC) and IT Information Library (ITIL)
- Familiarity with information security program frameworks, including ISO 27001/2, COBIT, NIST and MITRE
- Familiarity with laws and regulations, such as PCI-DSS, GDPR, HIPAA, SOX, or GLBA
- Aptitude to train fellow staff on functional expertise and mentor junior team members
- Excellent oral and written communication skills, possess good presentation skills
- Relevant certifications are desired

**Search Firm Representatives Please Read Carefully**

**Employee Status**:
Regular**Relocation**:
No relocation**VISA Sponsorship**:
**Travel Requirements**:
**Flexible Work Arrangements**:
**Shift**:
**Valid Driving License**:
**Hazardous Material(s)**:
**Requisition ID**:R165755