Application Security Consultant
at ASTEK SINGAPORE INNOVATION TECHNOLOGY PTE LTD
Singapore, Southeast, Singapore -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 17 Aug, 2024 | USD 8000 Monthly | 17 May, 2024 | N/A | Mongodb,Firewall,Databases,Wealth Management,Remediation,Measures,Connectivity,Digital Transformation,Encryption,Emerging Technologies,Design,Linux,Operating Systems,Postgresql,Information Security,Oracle,It,Data Analytics,Oauth,It Risk Management,Cloud | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
Astek is offering a role of Application Security Consultant for one of our project based in Singapore.
Security Architecture:
- Plan, research, and design security architectures for IT systems
- Review and approve security requirements for applications and IT setup
- Ensure compliance with security architecture standards, including third-party and cloud security risks
- Protect Wealth Management business data and assets with adequate security levels
- Identify and manage IT security risks proactively
- Provide regular security reports to management
Security Projects
- Participate in and track various initiatives aimed at enhancing Wealth Management’s security stance
- Monitor and report progress on these initiatives to management
- Identify, document, and report IT risks identified during these initiatives
Security compliance
- Align with Group and Wealth Management GAIM security policies for project and production assets
- Ensure compliance with regulatory requirements from APAC (HKMA, MAS), EU (GDPR), Switzerland (FINMA), and others
- Utilize deep knowledge of security standards like NIST, CIS, ISO2700x to ensure IT security requirements compliance
- Ensure compliance with third-party technology risks and cloud security regulations
Data Management and Data analytics/science technologies
- Stay updated on data security and protection regulations and measures
- Familiarize with data analytics and data sciences technologies, including standard practices and cloud solutions
- Implement Data Management, Data analytics, and data science solutions in line with Group security architecture requirements (e.g., Tableau, PowerBI, AI, R, Python, DevSecOps, API management)
- Proactively identify, document, and follow up on IT security risks
- Provide regular security reports to management
Coordination activities
- Align with objectives and contribute to global reporting (e.g., WM Cybersecurity Committee, WM Project Architecture, Security validation committees, Application Security Dashboard)
- Coordinate with Global security teams for integrating WM assets into production sites
- Stay updated on IT Security initiatives within the Group and engage with other IT Security stakeholders
Security Posture
- Take part in deploying new security practices and DevSecOps pipeline
- Ensure adherence to SSDLC practices
Contribute to awareness and training activitiesReport on identified risks and security deviations
Requirements:
- Strictly 5-8 years’ experience in information security and IT risk management.
- Experience in evaluation and design of technical architectures and processes
- Functional as well as technical knowledge of the common architecture and Cybersecurity frameworks and solutions
- Proficient in network protocols, connectivity, Firewall, and Internet technologies
- Familiar with secure application design, DevSecOps tools, and CI/CD practices
- Skilled in secure access control, encryption, and key management techniques
- Technical expertise in various operating systems (Linux, Windows, AS400) and databases (Oracle, MSSQL, PostGreSQL, MongoDB)
- Knowledgeable about digital transformation, mobile technologies, Cloud (Containers Docker, Kubernetes), and emerging technologies like NFT and encryption
- Familiarity with OAuth, Single Sign-On, API-based approaches, TDD, BDD
- Understanding of standard IT security concepts, methodologies, cybersecurity threats, and remediation
- Proficient in IT Security Risk Assessment and Risk Management
- Knowledgeable about banking regulations, especially in the international and APAC regions, and specific to Wealth Management
Responsibilities:
Please refer the Job description for details
REQUIREMENT SUMMARY
Min:N/AMax:5.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Software Engineering
Graduate
Proficient
1
Singapore, Singapore