Skills and Experience:
• Minimum 3 years of relevant experience in (web or mobile-based application security).
• Certification in CISSP (Certified Information Systems Security Professional) and/or CISA (Certified Information Systems Auditor) is a plus.
• Strong interest and passion for the field of infocomm security, specifically in the area - of application security.
• Familiar with application security review and testing approaches/methodologies in both waterfall and agile application development.
• Familiar with the concept of CI/CD and DevOps, and how security testing can be integrated and automated as part of software delivery pipelines.
• Able to recommend use of appropriate AppSec tools (e.g., static code scanners, dynamic scanners, etc) and assist apps teams in adopting these tools.
• Strong problem-solving and troubleshooting skills.
• Proactive self-starter with an analytical and creative mind.
• Result and customer oriented with multi-tasking capabilities.
• Excellent written, verbal communication, presentation, and negotiation skills.
• Experience as penetration tester and source code reviewer is an added advantage.