Specialist / Senior Specialist - IT Security - Information Technology Services - Hong Kong
DELOITTE TOUCHE TOHMATSUHong kongUpdate time: November 27,2019
Job Description
Work you'll do:
- Provide advisory support to business stakeholders and various application development teams on proper managing IT security risk throughout software development life cycle in compliance with the Technology Operating Model
- Work closely with project team on various security checkpoints in defining security requirements, security controls design, security testing and quality assurance check according to globally-defined standards and policies
- Co-ordinate with business functions in conducting security risk assessment, application architecture review, security requirements identification and controls verification processes
- Perform vulnerability scanning on applications and work with developers to resolve security related issues and provide consultancy on coding best practices and mitigations prior to production release
- Participate to build up a culture of secure SDLC and raise awareness to developers on programming practices according to the secure coding requirements and guidelines
- Contribute to ensure compliance to corporate information security policies, standards and practices as well as liaise with relevant stakeholders, including contractors and vendors
- Assist to manage application security framework and drive other information security initiatives.
- Perform other related duties as assigned.
Requirements:
- 3-5 years' experience in managing application security risk from development to production stage with knowledge of secure coding practices and common threat vectors such as the OWASP top 10.
- Degree holder in Computer Science, Information System or related discipline
- CISSP, CSSLP, CEH, GWAPT or equivalent security related qualifications.
- Excellent knowledge of the SDLC with sound application development background would be preferable
- Exposure on cloud platform, cloud security industry best practices would be a plus
- Working knowledge of vulnerability testing tools and methodologies.
- Strong self-motivation, pro-active, good communication and analytical skills.
- Good people skills to work with business users and technical teams, independently work with less supervision and under pressure
- Good command of both spoken and written Chinese (including Mandarin) and English.
Get email alerts for the latest"Specialist / Senior Specialist - IT Security - Information Technology Services - Hong Kong jobs in Hong kong"