- Permanent, Full time
- OCBC Bank
- Perform application penetration testing on web based application and thick-client application.
- Perform network penetration testing on systems.
- Exploit vulnerabilities to gain access, and expand access to remote systems.
- Document technical issues and recommend mitigation controls identified during security assessments.
- Research cutting edge security topics and new attack vendors
- Conduct compliance testing on web based application and thick-client application that meet predetermined Information Security Standards & Guidelines and other regulatory requirements such as MAS TRMG.
- Manage secure code review of applications.
- Manage RFP for engaging external vendor to conduct application penetration test. This include:
- Conducting RFP
- Evaluating and recommending vendor
- Conducting RFP
- Manage external vendor security testing team.
- Serve as a subject testing team and external vendor secure code review team.
- Experience with Secure Code Review and Security Testing and their methodologies.
- Degree in computer degree/computer engineering/information security or equivalent.
- A working knowledge of aspects of information security is essential.
- Familiarity of MAS TRMG, PCI-DSS and other regulatory/industries requirements.
- Good communication (spoken and written) skills, able to work independently and as a team player.
- Certified Information Systems Security Professional, Certified Information Systems Auditor or Certified Ethical Hacker preferred.
- Candidate must be familiar with the following tools and have at least 3 to 5 years relevant experience in security testing