Assistant Vice President, IT Security (Application and Data Security Lead)
Subject matter expert and Team Lead for Application Security and Data Security. The Job
• Facilitate the application security review process end-to-end, from review of application security design to the review of IT security controls prior to system go-live implementation.
• Coordinate the penetration test, bug bounty and secure code review to find out potential vulnerability in applications, and oversee the closure of findings. Continuously track, analyse and report the status of remediation to management.
• Conduct security review for new IT initiatives that connect with external parties, such as those leveraging open standards and APIs, new cloud computing services, and deployment of new technology solutions. Assess the risks and recommend mitigating controls.
• Provide advice on data protection, encryption, and security controls for data movement and storage, including use of Big Data and data analytic implementations.
• Support the implementation of agile SDLC and continuous integration and delivery (CI/CD) process by advising and reviewing the required technology controls and security that can be embedded into the new process.
• Takes accountability in considering business and regulatory compliance risks and takes appropriate steps to mitigate the risks.
• Maintains awareness of industry trends on regulatory compliance, emerging threats and technologies in order to understand the risk and better safeguard the company.
• Highlights any potential concerns /risks and proactively shares best risk management practices.