Test Engineer - Application Security Test Engineer - Application Security …

Cognizant
in Singapore
Permanent, Full time
Last application, 23 Oct 20
Competitive
Cognizant
in Singapore
Permanent, Full time
Last application, 23 Oct 20
Competitive
Test Engineer - Application Security
Role: Test Engineer - Application Security
Location: Singapore

Responsibilites
    \t
  • Study and propose AppSec roadmap to uplift the way apps security is practiced today.
  • \t
  • Develop secure application development practices, standards, guidelines and solutions with the aim to standardize and raise the AppSec practices of our application teams.
  • \t
  • Train up the Business Analysts to write security acceptance criteria in user stories
  • \t
  • Train up the Software Engineers to write security unit tests and secure coding
  • \t
  • Train up the Quality Engineers to write security test cases
  • \t
  • Work with DevOps team to improve security in the CI\\CD pipeline
  • \t
  • Introduce threat modelling/threat model to the development center
  • \t
  • Define the communication and education framework to raise the awareness, capabilities and competencies of security champions.
  • \t
  • Provide security guidance to Engineering and Product teams
  • \t
  • Perform assessments for selected applications using a combination of threat modelling, vulnerability research, code scanning, application security testing and recommendation of proper remediation actions.
Skillsets and experience
    \t
  • Degree in Computer/Computer Science or Electronics Engineering or Information Technology or equivalent.
  • \t
  • Minimum 2 years of relevant experience in (web or mobile-based application security).
  • \t
  • Certification in CISSP (Certified Information Systems Security Professional) and/or CISA (Certified Information Systems Auditor) is a plus.
  • \t
  • Strong interest and passion for the field of infocomm security, specifically in the area of application security.
  • \t
  • Familiar with application security review and testing approaches/methodologies in both waterfall and agile application development.
  • \t
  • Familiar with the concept of CI/CD and DevOps, and how security testing can be integrated and automated as part of software delivery pipelines.
  • \t
  • Able to recommend use of appropriate AppSec tools (e.g. static code scanners, dynamic scanners, etc) and assist apps teams in adopting these tools.
  • \t
  • Strong problem-solving and troubleshooting skills.
  • \t
  • Proactive self-starter with an analytical and creative mind.
  • \t
  • Result and customer oriented with multi-tasking capabilities.
  • \t
  • Excellent written, verbal communication, presentation and negotiation skills.
  • \t
  • Certification: OSCP, OSWE, OSCE, CREST or OSEE


Cognizant logo
More Jobs Like This
See more jobs
Close
Loading...
Loading...