Cognizant will be prioritizing applicants who have a current right to work in Singapore, and do not require Cognizant sponsorship of a visa.
- Study and propose an AppSec roadmap to uplift the way application security is practised today.
- Develop secure application development practices, standards, guidelines and solutions with the aim to standardise and raise the AppSec practices of our application teams.
- Write / Train up the Business Analysts to write security acceptance criteria in user stories
- Train up the Software Engineers to write security unit tests and perform secure coding assessments
- Conduct App Penetration testing and Vulnerability assessment
- Work with the DevOps team to improve security in the CI/CD pipeline
- Define the communication and education framework to raise the AppSec awareness, capabilities and competencies of security champions.
- Provide security guidance to Engineering and Product teams
- Perform AppSec assessments for selected applications using a combination of threat modelling, vulnerability research, code scanning, application security testing and recommendation of proper remediation actions.
What you’ll bring to the team:
- Degree in Computer/Computer Science or Electronics Engineering or Information Technology or equivalent.
- Minimum 2 years of relevant experience in web or mobile-based application security.
- Certification in CISSP (Certified Information Systems Security Professional) and/or CISA (Certified Information Systems Auditor) is a plus.
- Strong interest and passion for the field of infocomm security, specifically in the area of application security.
- Familiar with application security review and testing approaches/methodologies in both waterfall and agile application development.
- Familiar with the concept of CI/CD and DevOps, and how security testing can be integrated and automated as part of software delivery pipelines.
- Able to recommend use of appropriate AppSec tools (e.g. static code scanners, dynamic scanners, etc.) and assist application teams in adopting these tools.
- Strong problem-solving and troubleshooting skills.
- Proactive self-starter with an analytical and creative mind.
- Results- and customer-oriented with multi-tasking capabilities.
- Excellent written, verbal communication, presentation and negotiation skills.
Bonus points for:
- Experience as a penetration tester and source code reviewer is an added advantage.