Responsibilities:

• Perform information security risk assessment and technical advisory for assigned project areas to ensure compliance to policy, standards and practices
• Handle system and network vulnerability scanning, classify and prioritise risks, and guide relevant stakeholders to ensure that systems and services are secured
• Perform threat assessment and patch management advisory operations via analysis of open and commercial security intelligence feeds
• Ensure business and IT patch management teams comply with defined Service Level Agreements (SLAs) for security patch deployment
• Guide developers and IT colleagues on coding best practices and mitigations prior to production release
• Work closely with IT developers and operations to respond to, mitigate and resolve IT-security related incident
• Partner with Project Manager to drive initiatives; evaluate, acquire and deploy new IS technologies and capabilities, and ensure initiatives get completed on time and budget
• Work closely with IT development and architecture teams to build up a culture of secure design and programming practices throughout the entire system development lifecycle

Requirements:

• Degree graduate with strong technical background, particularly in web application development and/or networking
• Possession of CEH, GSEC or equivalent certification is an advantage
• 5 to 8 years of experience working in technical IT roles, with at least 3 years in a corporate environment
• Minimal 3 years’ experience in technical IS risk assessments or testing
• In-depth experience of secure coding practices, source code review, and Internet threat vectors such as the OWASP top 10
• Working knowledge of vulnerability testing tools and methodologies
• Good knowledge of Windows, Linux, OSX and mobile operating systems
• Working knowledge of Secure Development Lifecycle (SDLC) and AGILE methodologies; DevOps experience is an advantage
• Good command of English

Interested parties please click on "Apply Now" to attach your full resume (with expected salary & date available)

Attivo is a dynamic recruitment firm specialized in Information Technology and Business hiring for clients across regions. Attivo is in partnership with Goldfinity, our proactive consultants are equipped with rich IT & Business knowledges and experienced in recruiting talents for our clients across industries.

We believe the purpose of recruitment is to find and hire the best-qualified candidate for a job opening in a timely and cost effective manner. It is important for both the candidate and the client to ensure that the right job goes to the right person. 

We partner with both the client and the candidate in this finding and hiring process, contribute our expertise, to align with the expectations and goals of both parties to achieve mutually beneficial outcome.