TISO Project Application/Infrastructure & Security
- Provide management oversight and guidance/advice on security risk identified and mitigation
- Introduce new security control measures to improve the IT deliveries and manage risks
- Review and enforce information security policy, standards and guidelines for IT business application and infrastructure projects.
- Conduct security assessments for business application and infrastructure projects
- Undertake new security projects to improve the security controls, efficiency and ease of use
- Introduce AREA initiatives to improve TISO deliveries
- Degree in Computer Science or equivalent.
- Certified Information Systems Security Professional, Certified Information Systems Auditor or Certified Risk and Information System Control, Certified Ethical Hacker, will be desired.
- Independent and able to perform tasks with minimum supervision.
- Excellent communication and interpersonal skills with good command of English.
- Have a very strong commitment to personal development and a drive to develop himself / herself technically and professionally.
- Knowledgeable in IT controls, Application security and risk management methodology.
- Competent in conducting application security/risk assessment.
- Familiarity in Digital Banking, FinTech and Outsourcing will be an advantage
- Has in-depth knowledge of information security risks, concepts of new technologies, such as blockchain, cloud, mobile payment, hadoop, etc.
Knowledgeable with application development experience and programming/coding will be an advantage.
- Knowledgeable in application penetration testing methodologies, such as OWASP.
- Knowledgeable with the use of cryptographic controls.
- Good knowledge in compliance with MAS TRM, ABS, BNM, HKMA, CBRC, etc guidelines and others