Specialist - Application Security - Information Technology Services
DeloitteShanghaiUpdate time: August 9,2019
Job Description
- Provide advisory support to business stakeholders and various application development teams on proper managing IT security risk throughout software development life cycle in compliance with the Technology Operating Model
- Work closely with project team on various security checkpoints in defining security requirements, security controls design, security testing and quality assurance check according to globally-defined standards and policies
- Co-ordinate with business functions in conducting security risk assessment, application architecture review, security requirements identification and controls verification processes
- Perform vulnerability scanning on applications and work with developers to resolve security related issues and provide consultancy on coding best practices and mitigations prior to production release
- Participate to build up a culture of secure SDLC and raise awareness to developers on programming practices according to the secure coding requirements and guidelines
- Contribute to ensure compliance to corporate information security policies, standards and practices as well as liaise with relevant stakeholders, including contractors and vendors
- Assist to manage application security framework and drive other information security initiatives.
- Perform other related duties as assigned.
- 3-5 years' experience in managing application security risk from development to production stage with knowledge of secure coding practices and common threat vectors such as the OWASP top 10.
- Degree holder in Computer Science, Information System or related discipline
- CISSP, CSSLP, CEH, GWAPT or equivalent security related qualifications.
Requisition code: CN169845
Get email alerts for the latest"Specialist - Application Security - Information Technology Services jobs in Shanghai"