This is a 12 months contract assigned to our client
Work Location: To b e confirmed
Salary Range : $7,000-$8,800
1. Provide security consultancy, technical guidance, expertise and solutions.
2. Advise and review application security design to detect potential security issues and for each issue
, propose and drive remediation tasks.
3. Help application team in developing and implementing security test and verification scripts for testing
and validating security controls/issues.
4. Able to engage and execute security vulnerability scanning activities (VAPT/SAST/DAST/MAST activities etc)
& triage security findings.
5. Define scope and review the results of security tests, reviews, and audits to ensure security assurance is
6. Identify and assess cyber risks in the application and network.
7. Perform threat modelling on security-critical applications.
8. Recommend and drive cyber security solutions and initiatives to improve the cyber security of the
9. Deliver security projects, such as the implementation of security software, POC of DevSecOps tool
and create rules/scripts that help identify latest security issues
10, Ensure clients compliance policies/procedures are met through ongoing security reviews, audits,
Preferably have working knowledge
1. CISSP/CCSP/CCSK/OSCP/CSSLP certification or its equivalent is preferred
2. In-depth knowledge of security concepts regarding web, iOS, Android and Rest API security.
3. Understanding of current and emerging security technologies and threats.
4. Proficient with methodologies, tools, best practices and processes across various cybersecurity areas.
5. Proven experience with threat modelling and risk analysis.
6. Ability to gather written and verbal information from multiple sources, and assess and consolidate risks to
provide appropriate recommendations.
7. Hands-on experience with penetration testing and vulnerability analysis frameworks and tools.
1. Familiar with Gov standard of security posture including planning and running Security Compliance
Check, Security Vulnerability Scanning
2. Familiar with IM8 policies . Familiar with SSO, OIDC/SAML and MFA Framework