MSD SPECIALIST APPLICATION SECURITY & CLOUD 

Singapore, Singapore 

434938411

What You Will Do

·As a subject matter expert, engage and guide application teams on cloud security related matters, including cloud security & design patterns, security benchmarks & standards, baselines & best practices

·Propose and align with Cloud Security functional leads or manager on objectives and key success factors or results for global or regional initiatives and projects. Take the lead and deliver on objectives.

·Be responsible for evaluating new cloud solutions and developing the supporting security approaches required to incorporate new cloud technologies in a safe and secure manner.

·Participate and contribute to cross functional engagements, achieve risks and compliance objectives. Cross functional teams include:

ØCyber Fusion Center in Singapore and/or US

ØCybersecurity Engineering, namely

ØIdentity & Access Management

ØData, Network

·As a subject matter expert, engage and guide application teams on application security related matters, including Application Security processes, architectural reviews, penetration testing and vulnerability management and remediations.

·Propose and align with Application Security functional leads or manager on objectives and key success factors or results for global or regional initiatives and projects. Take the lead and deliver on objectives.

·Support the implementation of DevSecOps across regional Application Development teams

·Participate and contribute to cross functional engagements, achieve risks and compliance objectives. Cross functional teams include:

ØSoftware or Application Development

ØCyber Fusion Center in Singapore and/or US

ØCybersecurity Engineering, namely

ØIdentity & Access Management / IAM Governance

ØSecurity Data Analytics

Technical Knowledge

Good knowledge and experience with the following concept, methodology, products, platforms, services, and protocols.

• Cloud Platforms & Services. E.g., PaaS, IaaS, SaaS, CASB, SASE
• Extensive knowledge and experience in Risk Management and Information Security, Identity & Access Management, and Identity Governance & Administration
• Modern application development & deployment. E.g., DevSecOps, shift-left approach, Infrastructure as Code
• Dynamic Application Security Testing & Static Application Security Testing. Using tools such as Fortify on Demand, WebInspect,
• Software Composition Analysis, Open Source Security. Using tools like Black Duck
• Data Encryption & Key Management
• API Security

May require occasional off-hours work

What You Must Have

• BS in Information Security, Computer Science or Engineering or equivalent experience.
• Relevant experience in risk management and security and/or regulated or compliance environment
• Ability to connect with stakeholders on processes and information, both in the local region and abroad is essential
• Familiarity with Agile methodology, Software Development Lifecycle (SDLC) and IT Information Library (ITIL)
• Familiarity with information security program frameworks, including ISO 27001/2, COBIT, NIST and MITRE
• Familiarity with laws and regulations, such as PCI-DSS, GDPR, HIPAA, SOX, or GLBA
• Excellent oral and written communication skills, possess good presentation skills
• Relevant certifications are desired

What we look for …

This posting has been created to pipeline talent for prospective roles that we anticipate will be needed soon in our organization. By applying to this Pipeline Advertisement you will be submitting your interest to be contacted for roles similar to what is described in the Pipeline Advertisement.