Назад
Company hidden
7 часов назад

ITSO Officer (Application Security)

Формат работы
hybrid
Тип работы
fulltime
Грейд
middle
Английский
b2
Страна
Singapore
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

ITSO Officer (Application Security): Securing software development lifecycles and driving security best practices across various tech stacks with an accent on threat modeling and CI/CD pipeline security. Focus on integrating automated security testing, managing vulnerabilities via SAST, and fostering a security-first culture.

Location: Singapore (Hybrid)

Company

hirify.global is a leading provider of mission-critical technology systems and infrastructure services that drive advantage for the world’s leading businesses.

What you will do

  • Establish comprehensive threat profiles and design remediation strategies for application security risks.
  • Integrate and maintain automated security testing mechanisms within Agile Development processes and DevOps pipelines using GitLab, GitHub, and Ansible.
  • Execute static application security testing (SAST) using enterprise tools like Fortify-on-Demand and SonarQube to track and remediate vulnerabilities.
  • Conduct regular security awareness training sessions to foster a security-first culture among development teams.
  • Collaborate with technical and business stakeholders to communicate security risks and align on deployment goals.

Requirements

  • Minimum of 4 years of professional experience across software development, application security, and cloud computing environments.
  • Deep familiarity with mobile and web API architectures, including REST, SOAP, and SSL/TLS protocols.
  • Strong practical knowledge of OWASP Top 10 and OWASP Application Security Verification Standard (ASVS).
  • Practical understanding of Agile methodologies, DevOps concepts, and version control/automation tooling.
  • Must be based in Singapore to support the hybrid work model.

Nice to have

  • Prior experience working within the Government Commercial Cloud (GCC) environment.
  • Industry certifications such as CISSP, OSCP, AWS Certified Security - Specialty, or AWS Certified DevOps Engineer - Professional.

Culture & Benefits

  • Hybrid-friendly work culture that prioritizes employee well-being and flexibility.
  • "Be Well" programs designed to support financial, mental, physical, and social health.
  • Access to cutting-edge learning and certification programs from Microsoft, Google, and Amazon.
  • Inclusive environment emphasizing kinship, empathy, and a sense of belonging.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →