application security in hong kong

job type
apply now

job details

hong kong
job category
information technology
job type
working hours
reference number
apply now

job description

about the company.

My client is one of the fastest growing fintech companies in Hong Kong and they are partnering with a global tech giant to deliver solutions to merge blockchain with traditional payment networks to their Financial services and commercial clients all across Hong Kong.

about the job.

As the application security consultant you will be tasked with providing application security services into the software development lifecycle which include secure design, coding techniques and reviews, education & awareness, process and tools, security testing support and guidance

In addition, you will be responsible for Identifying application security risks and requirements for new projects and system developments. You will also be trusted to provide technical advice to ensure that security standards are met throughout all business units.

Other key responsibilities include:

  • Review code for security vulnerabilities and embed/improve security threat modelling and secure coding in the development lifecycle
  • Provide Threat Modelling and Security Requirement gathering
  • Perform Application Penetration tests during system development lifecycle
  • Develop Security standards, guidelines and requirements
  • Develop security testing plans and integrate into the software development lifecycle
  • Perform/oversee security testing and manage remediation of identified vulnerabilities
  • Support the InfoSec team in the promotion of information security best practice and embedding information security within the development streams
skills & experiences required.

  • 5+ years of experience in application security vulnerabilities, secured design, security testing techniques, and the OWASP framework
  • In depth understanding of secured web application and web services development in various languages
  • In depth understanding of secure web application development and knowledge in various Open Source CMS platforms.
  • Experience of web application and agile development methodologies
  • Understanding of Open Source Web Technologies and Operating Systems
  • Must have at least one of the following certifications:
    • SANS GIAC Penetration Tester (GPEN)\Certified Ethical Hacker by the International Council of E-Commerce Consultants (EC-Council.)
    • GIAC Certified Web Application Defender
    • GIAC Web Application Penetration Tester

Interested candidates can apply through the portal. Should you have any questions, please contact Ian Luong at 9389 3973 for more details. Kindly note that only shortlisted candidates will be contacted.