Daily tasks are providing security consultation, security design review, application assessment and cloud migration for the strategic digital solutions across technology to ensure secure solutions for business growth.
This position is responsible for ensuring the security and integrity of AIA&039;s information systems and cyber environment.
At AIA, we believe in helping our employees grow, professionally and personally. New career opportunities are one way for you to learn new skills and continue to build our business that helps our customers and the community live healthier, longer, better lives.
We are looking for security engineer who has hands-on experiences in designing and/or reviewing security for various inter-connected application and infrastructures, especially in the area of Cloud authentication, authorization, information protection, Compliance and cryptographic controls for both cloud environment and on-premise.
Trách nhiệm công việc:
Work closely with application development team to proactively review the issues identified from source code review and penetration test and drive the remediation discussion and execution
Review and analyze vulnerability data to identify security risks to the organization&039;s environment and application security and determine any reported vulnerabilities that are false positive part of the scans
Support application team to review security issues and come out a practical remediation plan to drive timely remediation
Responsible for automating security controls, data and processes to provide improved metrics and operational support.
Perform source code review and penetration test for web applications and mobile applications
Collaborate with application developers and database administrators to deliver creative solutions to difficult technology challenges and business requirements.
Support CI/CD process, continuous integration (Git), continuous deployment (/Jenkins), and deployment orchestration
Support and work with APIs and Plugins to integrate security tools into established CI/CD pipelines
Work with Application team with API Security, Container Security, Azure Cloud Security
Kỹ năng & Chuyên môn:
A Degree or higher in Information Technology related field.
Work under high pressure, goal oriented, and inspired to perform without outside help.
Good communication skills, especially in English to effectively work and negotiate with internal/external teams.
Familiarity with Microsoft Azure Policy, Configuration, and Security Management tools is a plus.
2 - 5 years of experiences of information security domain, especially hands on experience for source code review and penetration test
Security Certifications/licenses: OSCP, OSWE, Azure-related, Security+, CISA, CISSP is a plus.
Capability to prepare security vulnerability and risk management reports for management.
Proficiency and hands on experience in Programming such as .NET, Java or other scripting languages etc.