Application Security Manager
- BBBH768696 Oct 22, 2020 Competitive
Applications Security Lead with for a leading organisation in the Healthcare Technology sector, transforming healthcare through smart technology and latest innovations
Job Role: Senior Manager
Department: Corporate IT
Role and Responsibilities
As Applications Security Lead, you will be reporting into Applications Leader and be responsible for
- Develop strategy, roadmap and blueprint for the company to have a defensible and security-resilient infrastructure and application architecture. Work hand-in-hand with IT security governance, application security and cyber response readiness teams to achieve the objective.
- Support application team to perform application vulnerability assessments and document vulnerabilities which were found and provide recommendations for remediation according to company guidelines and industry best practices
- Provide guidance to application team on application security best practices
- Support remediation effort and track open issues and follow up to ensure remediation
- Conduct application security assessment results review and mitigation approval
- Be a part of the end to end application security implementation process, from reviewing application security architecture and design to overseeing the penetration testing and source code reviews.
- Evaluate and implement new technologies while keeping in view the cybersecurity risks, technology risks and regulatory compliance.
- Involve in reviewing various security aspects for new initiatives that interface and connect with external parties (like those involved in leveraging open standards and APIs);
- Develop and implement a Cloud Security Design review process for cloud computing use, including IAAS, PAAS and SAAS implementations.
- Provide advice on data protection and security controls in Big Data and data analytic implementations.
- Keep abreast with new technologies to ensure that the organisation remains at the forefront of security
- Analysis of the IT infrastructure (on premise and cloud), identification of vulnerabilities and security risks, derivation, and implementation of necessary measures in the areas of network and security
- Work with various teams to deploy security solutions that will enable continuous and automated enforcement of security controls, compliance assurance and monitoring, as well as runtime protection against threats.
- Evaluate architectural designs and perform security reviews
- Facilitate security review activities such as penetration testing, secure code reviews, and design/architecture security reviews
Requirements / Qualifications
To develop, mentor and guide team members
Collaborate HCM to manage people development and retention
Requirements / Qualifications
- Degree in IT or healthcare professionals with degree and equivalent experience
- In-depth knowledge and experience in information security risk assessment and management
- Experience in the implementation of security infrastructure e.g. firewall, NIPS, web proxy, application firewall etc.
- Good understanding of key security technology such security incident and event management systems, active directory, data loss prevention, network devices etc.
- Passion to deliver sustainable security solutions and continued improvement in control and risk mitigation
- Demonstrate ability to balance business and security requirements and manage tactical vs. strategic on-going initiatives
- Demonstrate ability to operate in diverse environments and cultures and enjoys working in challenging and fast-paced environment
- Discipline in timely submission and reporting key metrics and status ∙ Strong communication and presentation skills to wide and diverse audiences
- Excellent leadership, negotiation, interpersonal and communication skills
- Team player and good people management skills to lead a team ∙ Adept at managing resources
MORGAN MCKINLEY PTE LTD
EA Licence No: 11C5502
Registration No: R1876903
Registration Name: Shalu Surana
Programme Delivery Consultant | M3S
+65 6818 3144