Gfi Addstones Singapore

Parent Category: Job Listings - Public Domain Listings Category: Security Engineers Published: Thursday, 16 July 2020
NOTE: The following job description was extracted from public domain and published here as a value added service to BizLINKS Resources members. We are currently not a direct vendor to the above organisation and would be interested to work with the above through a internal organisation referral
 Employer Referral

IT Security Engineer at Gfi Addstones Singapore 

GFI is an international IT services company, currently employing about 23,000 people Worldwide. GFI provides its clients with innovative, long-lasting industrial solutions to leverage performance from their information systems. We design and runs industrial platforms tailored to the economic and human considerations of its clients. • Management Consulting | Digital Transformation | Innovation • Operating over 23 countries, • 2018 revenue of over 1,5 billion USD, • 49 years of existence In order to support our forthcoming businesses and technological challenges, we seek innovative and agile people sharing our mind set. We are now looking for an IT Security Officer to join our team in Singapore. Position Purpose: Assisted by the different Division team within the Functions Domain and the cybersecurity team, the IT Security Officer contributes to the monitoring and assessing of the security levels of IT application developed and/or maintained by the Global Hub. The IT Security Officer also participate in IT project reviews conducted both on a global and local basis, and this requires the incumbent to foster close working relationships with the IT development/Production teams, domain teams and the business users. He/she will be in charge of: Integration of security into software development during design and development Analysis of IT systems architecture in terms of security and risk/threat modelling Contribution to the definition of the different types of security tests to be performed Supporting the development team in terms of secure development practices Supporting the infrastructure/middleware teams in terms of securization Performing security code reviews and white box penetration testing during the developmentt sprints Automation of security testing process Coordinating with the third-party vendors and internal stakeholders for the penetration and black box testing Review and assess the results of external penetration testing, and agree corrective action Supporting the development teams to reproduce issues Research and monitor current software security risk Provide software security training to the development team Skills & Experience: Bachelor’s degree in Computer Science or the equivalent. A master’s degree is a plus At least 2+ years of hands-on experience doing security code analysis or reviews At least 2+ years of hands-on experience doing penetration and vulnerabilities tests At least 2+ years of hands-on experience as a software develope Any certification around security: GSSP-JAVA, GWEB, ECSP, CSSLP, CEH, CES etc. Mandatory Strong critical thinker with problem solving aptitude. Capacity to provide deep perspective on cyber and security threats Excellent written and oral communication skills Knowledge and experience of common security protocols (e.g. TLS, OAuth 2.0, SAML, Open ID Connect, LDAP etc.) and crypto libraries (Open SSL, JWT etc.) Knowledge and experience of server side security, authentication and authorizations mechanisms Knowledge and experience of Web security (OWASP etc.) and Javascript/SPA security Knowledge and experience of static code security analysis and security code review Knowledge and experience of vulnerabilities/penetration testing Experience of a secure software life cycle in a software house or large IT department Software development experience Plus Knowledge of Spring Security Experience of CI/CD and DevSecOps Knowledge and experience of Mobile security on Android and iOS Experience with hardening of middleware (Tomcat, Apache, NGINX, Mongo DB etc.) Contributing to open source projects or participation in hacker events Knowledge of encryption and key management Knowledge of IAM and SIEM solutions Knowledge of AS400 Awareness of security standards relevant to SaaS and experience with Cloud platforms EM solutions Show more

to BizLINKS Resources

via BizLINKS Resources
Hits: 286
Country: Singapore
Employment Type: Full time
Salary: Open