Ciso07 - Application Security Management

Job Description:
Designing and managing secure SDLC process for applications and related systems in the bank to align with Security Baseline. Performing Application Security Testing/Source Code Review as the phase of Secure SDLC. Developing, implementing, and reporting on the application security testing process. Preferrable certification :
ISO 27001 Information Security Management System (ISMS) Lead Implementer & Lead Auditor, ITIL Fundamental, CompTIA Server+, CompTIA Security+, CompTIA Cloud+, Certified Secure Software Lifecycle Professional (CSSLP). Minimum Qualifications:
Minimum 7 years experience in application security operations and development. Experience on Application Developer. Experience working in a secure SDLC environment. Experience with DeOvps activities and integration. Experience with Application Security Testing/Source Code Review. Experience with Penetration Testing/ Security Assessment/ Vulnerability Assessment. Have knowledge of IT Security Tools (e.g., firewall / IPS / key management / antivirus / patch management / end point protection). Knowledge of industry frameworks (e.g., ISO 27002, NIST Cyber Security Framework, OWASP) is an advantage. Preferable CSX Fundamentals, COBIT 5, ITIL Fundamental, ISO 27001 LA/LI, ISO 9000 Quality Management System, TOGAF 9.1, Systems Security Certified Practitioner (SSCP), Certified Information Systems Auditor (CISA). Strong written and verbal communication skill.