Responsibilities: Act as the SME to review application architectures in Application, Infrastructure, Cloud Computing, Mobile Technology, and Electronic Trading. Lead the technology assessment across application security including Session Security, Vulnerability/PenTesting items, and Input Validation. Review applications including Authentication, Authorization, and Auditing. Review security reference architecture and security blueprints. Develop and maintain security architecture artifacts. Act as a Security SME and review implementation design to the application and Infrastructure team, where it will meet the industry security standards. Conduct Technical risk assessments to capture security exceptions and design associated compensating controls based on the assessment results. Define and maintain the infrastructure and application security framework and provide security assessments. Requirements: At least 10 years of experience in the IT Application Security space. Ability to articulate security principles and security risks to non-technical business stakeholders Security Certificates in CISSP, CISM or equivalent. Knowledge of the common application layer vulnerabilities (eg. OWASP 10), ability to explain these risks, and recommend countermeasures to mitigate these risks. Extensive knowledge of application, network, and platform security vulnerabilities. Ability to explain these vulnerabilities to developers. Ability to review the code of enterprise applications and identify possible security vulnerabilities. Experience in conducting Information Security, IT Security, and Audit assessments. Presenting the outcomes of the evaluation and obtaining buy-in. Strong focus on reviewing technical designs and functional requirements to identify areas of Security weakness. Working experience in security areas including Authentication (SAML, SiteMinder, Kerberos, OpenID), Data Protection, App Security, and Cryptography. Excellent communication skills in English, this role will work with regional counterparts. Bachelor's Degree in Computer Science or related field from a reputable University. If this outstanding opportunity sounds like your next career move, please send your resume in Word format to Danny Kwan at
[email protected] and put Security Architect - Leading Financial Institution in the subject header. Data provided is for recruitment purposes only. _________________________________________________________ Headquartered in Hong Kong, Pinpoint Asia is the go-to Specialist Firm for Technology Recruitment We are a team of specialist tech recruiters (many of our recruiters come from an IT background) and we serve a wide range of clients, all the way from tech startups (especially FinTech) to some of the top Financial Institutions on Wall Street and several other large scale enterprises in other industries. Our significant market reputation and status as the leading search firm for many of our clients is a direct result of our strong industry relationships, intimate understanding of the marketplace and proven ability to deliver results. Our vision is to help companies hire smarter and help job seekers get closer to their career aspirations. To see all our open jobs please reach out to us at https://pinpointasia.com/job-search/ (EA License #72371) We are also seeking top-calibre candidates for the following exciting roles: 1) C#. NET API Messaging DevOps Associate - Leading Investment Bank 2) Mobile Tech Business Analyst - Private Wealth Management 3) Rust Trading Systems Engineer - Crypto Start-Up