- Policy & Procedures: Engage with the relevant stakeholders to establish and review corporate policy and procedures governing the secure development of applications.
- Security Architecture & Design: Participate in Shift Left initiatives by performing threat modeling and architectural risk assessments during the design phase.
- Vulnerability Management: Conduct regular SAST (Static), DAST (Dynamic), and SCA (Software Composition Analysis) scanning. Prioritize and triage results for development teams.
- Code Review: Perform manual secure code reviews to identify logic flaws and vulnerabilities (OWASP Top 10) that automated tools might miss.
- DevSecOps Integration: Assist in automating security checkpoints within CI/CD pipelines (e.g., Jenkins, GitLab CI, GitHub Actions).
- Remediation Guidance: Act as a consultant to developers, providing clear, actionable advice and code snippets to fix identified security gaps.
- Training & Advocacy: Lead Security Champion programs and conduct secure coding workshops to foster a security-first culture.
QUALIFICATIONS AND EXPERIENCES:
- Education: Bachelor's degree in Computer Science, Cybersecurity, or a related technical field (or equivalent experience).
- Experience: 3+ years in application security, penetration testing, or secure software development.
Technical Skills:
- Proficiency in at least one major language (e.g., Java, Python, JavaScript, or C#).
- Deep understanding of web application vulnerabilities (SQLi, XSS, CSRF, SSRF).
- Experience with security tools like Burp Suite, Checkmarx, Snyk, or Veracode.
- Familiarity with container security (Docker/Kubernetes) and Cloud environments (AWS/Azure/GCP).
- Certifications (Preferred): CSSLP, GWEB, CASE, or OSCP.
Core Competencies:
- Analytical Thinking: Ability to think like an attacker to foresee potential bypasses in application logic.
- Communication: Exceptional ability to translate complex security risks into business impact for non-technical stakeholders.
- Collaboration: A builder mindset-focused on enabling developers to work fast and securely, rather than just acting as a gatekeeper.
Interested applicants please send your resume to [Confidential Information]
Venessa Goh Wee Ni
R24124686
Recruit Express Pte Ltd
EA License No: 99C4599
We regret that only shortlisted candidates will be contacted.