Objective of job
•Work closely with security architects, development teams, project managers, vendors to ensure the application security
•Responsible for providing guidance of prevention, testing and fixing information security vulnerabilities in the process of application software development
•Responsible for the application of relevant levels of security automation testing and security automation protection capacity building
•Responsible for continuous security testing and security process optimization
•Participate in and support application security reviews and threat modeling, including code review
•Responsible for imeplementing security architecture design and verifying
Job designation
•ISMS and Risk Management.
Fully understand ISO 27001 based Daimler security policies and requirements, identify security gaps from different security domains and help to mitigate security risks.
•Information Security Roadmap and Management Reporting.
Optimize current security processes and automate them if possible. Make management reporting process more efficient. Define milestones in security roadmap and outcomes for core security activities, and build effective and efficient security processes.
•Support in operation/application security.
Review applications from different security perspectives, and identify threats and vulnerabilities. Provide cost effective countermeasures to application teams and help them to mitigate security risks. Participate in operation security by reviewing account security, access control and application logs, and proactively identity potential threats to improve security assurance level. Participate in secure coding implementing security features in projects if necessary.