You may also like
Network and Security Engineer (Basic Salary Plus Discretionary Bonus)
- Disaster Recovery Planning
IT Risk Officer
G4S Security Systems
- Corporate Communications
Senior Officer – Cyber Security
New World Development
- IT Security
Manager, Information Security (95710)
Advisory - Risk - Cyber Security - Manager / Senior Associate (OSCP, SIEM, Policy framework, Research, Cyber Analytics)
Ernst & Young (EY)
- Internal Control
- Application Development
- Risk Management
Application Security Lead
Location: Hong Kong, HK
Uplift and transform Application Security practices, tools and processes within the Group.
- Provide Leadership across all aspects of Application security and controls
- Enhance development practices to embed secure coding standards
- Partner with Application Development teams to optimize processes, toolsets and controls within the SDLC
- Provide Subject Matter Expertise to developers on Application Security Controls
- Evaluate, design, and support the build and implement security solutions for Mobile and Web applications
- Perform Application Security and Control Assessments
- To work in partnership with Business Units to provide advice on Application Security related matters.
- Drive Application security strategy, and ensure policy and standards reflect best practices
- Provide oversight of application security control metrics
- Work collaboratively with key vendors and business partners to deliver effective security services in Projects.
- Deliver Application security training and awareness
- Provide subject matter expertise for security of mobile applications and critical group application
- Evaluate and identify cost effective, automated solutions to uplift current development practices
- Broaden technology risk management coverage across key control areas such as testing, change and deployment controls for development
- Degree holder in Computer Science or majoring in Information Systems, or related discipline.
- 10 years+ experience in Application Development with a security focus, gained in another sizable organization
- Strong technical skills in application development security practices
- Experience desirable with Java.Net C++ and IOS/Android development
- Practical experience of security testing tools for applications
- Detailed knowledge of common application vulnerabilities
- Excellent understanding of application security best practices, defensive programming techniques
- A passion for enhancing the security awareness and capability of development teams
- Excellent team working and collaborative skills
- Be adaptable, able to interact and build strong relationships with people from a diverse range of backgrounds.
- Occasional travel is required.
|Career Level||Lead (more than 10 years)|