Job Openings
Application Security Analyst ( AI and Cloud Security)
About the job Application Security Analyst ( AI and Cloud Security)
Requirements
Minimum Qualifications:
Bachelors degree in Computer Engineering/Science, Electronics Engineering, or any other appropriately relevant field.
Minimum Experience:
- 10 years of progressive experience in a directly related field.
- 7 years of professional experience in ICT information, application security in an enterprise level environment.
- 3 years in similarly relevant Application security role with around the same team capacity and complexity of assigned tasks.
Job Specific Skills:
- Certifications in industry relative standards, frameworks, and schools of practice, such as CSSLP, GWAPT, OSCP, etc.
- Excellent knowledge in maintaining effective working relationships with staff and clients; excellent people management skills.
- Excellent written and verbal communication skills.
- Strong analytical and problem-solving skills.
- Proven success in working in a similarly complex ICT information security within same industry.
- Professional experience in conducting manual and automated application assessments (DAST, SAST & RAST), penetration testing and configuration review.
- Excellent understanding of modern development approaches and environments, secure Software Development Life Cycle (SDLC), secure coding practices and DevSecOps.
- Good understanding of cryptography, web service frameworks, mobile application architectures, and service architectures (such as event-driven, service-oriented, or serverless architectures)
- Good understanding of implementing enterprise information security architectures and frameworks.
- Strong understanding of project management principles and requirements.
- Excellent knowledge and understanding of Information Technology industry, trends, architectures, integrations, operational security, and process computing.
- Excellent knowledge and understanding of leading industry standards, frameworks, methodologies, and best practices.
- Excellent knowledge and understanding of information security governance, compliance, architecture components, technical solutions, and operational services.
- Understanding of SAP products, Applications development concepts, change management and landscape.
- Propose security guidelines for new SAP systems ensuring critical design and implementation elements are captured addressed.
- Excellent knowledge and understanding of SAP cloud platform Application services, types of deployments and security requirements to ensuring secure operations and data integrity.
Description
- Ability to develop and implement AI security policies, procedures, guidelines, and security strategies to protect systems from potential threats.
- Identify potential vulnerabilities in AI systems and create strategies to mitigate them.
- Conduct regular security audits to ensure systems are functioning optimally.
- Stay up-to-date with the latest AI security trends and threats.
- Collaborate with other IT teams to ensure the safe integration of new technologies.
- Establish and manage industry-leading application security processes and practices at each phase of the software development lifecycle and implement operational roadmap for assessment, penetration testing and source code reviews.
- Conduct regular security audits and risk assessments of AI systems.
- Ensure acquired and developed applications are consistent with secure software development lifecycle and security architecture guidelines.
- Conduct regular manual and automated application security testing, assessments, review results, track issues and follow up to ensure remediation in line with secure software development lifecycle.
- Coordinate and scope Third party penetration testing and application assessments activities including configuration reviews for compliance and additional assurance of secured implementation and operation of solutions.
- Design, develop and implement the integration and automation of threat modelling, security assessments and testing tools with DevOps, application development and QA tools to improve detection and prevention capabilities.
- Recommend improvements to the secure reference architecture through continuous review and assessment of the application security requirements, policies, and procedures.
- Ensure secure coding practices and Software Development Life Cycle (SDLC) are followed by providing training and awareness to the internal stakeholders.
- Ensure Data Protection, privacy concerns and regulations are in place and addressed in Policies and procedures.
- Help support and enhance existing cloud security model, ensuring adherence to best practice in alignment with industry standards at technology, operational, legal measures.
- Manage follow up, close and report upon all departments information security regulatory requirements, audits, inconformity reports, compliance issues and observations that arise during conducted internal and external assurance engagements.
- Conduct Risk Assessments on the required Applications to identify applicable risk scenarios and mitigating controls as per Client LNG Information security risk management practices.
- Perform other related duties or assignments as directed.