Responsibilities: Act as the SME to review the security architecture in Application, Infrastructure, Cloud Computing, and banking/trading applications. Lead the technology assessment and security controls reviews, including scope, roadmap, and testing plans for key cybersecurity controls. Working with different teams across the bank for project security assessments: both high- and low-level architecture designs, and providing recommendations to mitigate identified risks and ensure compliance with relevant regulatory requirements, etc. Review applications including Authentication, Authorization, and Auditing. Review security reference architecture and security blueprints. Third-party risk assessments, regulatory reviews, as well as participating in regional and global governance meetings and committees when required. Requirements: At least 10 years of experience in the IT Application Security space. Ability to articulate security principles and security risks to non-technical business stakeholders Security Certificates in CISSP, CISM, or equivalent. Knowledge of the common application layer vulnerabilities (eg. OWASP 10), ability to explain these risks, and recommend countermeasures to mitigate these risks. Extensive knowledge of application, network, platform security vulnerabilities, and security hardening standards (eg. NIST). Ability to explain these vulnerabilities to developers. Ability to review the code of enterprise applications and identify possible security vulnerabilities. Experience in conducting Information Security, IT Security, and Audit assessments. Presenting the outcomes of the evaluation and obtaining buy-in. Strong focus on reviewing technical designs and functional requirements to identify areas of Security weakness. Excellent communication skills in English, this role will work with senior peers and stakeholders across the region. Bachelor's degree in Computer Science, Engineering (or related) from a reputable University. If this outstanding opportunity sounds like your next career move, please send your resume in Word format to Leslie Ho at [email protected] and put Security Architect - Leading Investment Bank in the subject header. Data provided is for recruitment purposes only. _________________________________________________________ Headquartered in Hong Kong, Pinpoint Asia is the go-to Specialist Firm for Technology Recruitment We are a team of specialist tech recruiters (many of our recruiters come from an IT background) and we serve a wide range of clients, all the way from tech startups (especially FinTech) to some of the top Financial Institutions on Wall Street and several other large scale enterprises in other industries. Our significant market reputation and status as the leading search firm for many of our clients is a direct result of our strong industry relationships, intimate understanding of the marketplace and proven ability to deliver results. Our vision is to help companies hire smarter and help job seekers get closer to their career aspirations. To see all our open jobs please reach out to us at https://pinpointasia.com/job-search/ (EA License #72371) We are also seeking top-calibre candidates for the following exciting roles: 1) Lead DevOps Engineer - Global Financial Institution 2) Project Manager, Cloud/Infrastructure Delivery 3) Senior Manager, Infrastructure (Server Platform)
x
