āļāļāļēāļāļēāļĢāđāļāļĒāļāļēāļāļīāļāļĒāđ
Security Architecture and System Integration
āļāļĩāđāļāļāļēāļāļēāļĢāđāļāļĒāļāļēāļāļīāļāļĒāđJob Description
- Fulfill tasks of cybersecurity vulnerability management program, i.e. cyberthreat intelligence analysis, cybersecurity assessment, vulnerability profiling, vulnerability compensation and vulnerability remediation tracking
- A dedicated DevSecOps or security engineering team is responsible for embedding security practices into the DevOps pipeline. They build and maintain the security tools and automation required for integrating security checks into the development process.
- Implement security tools in CI/CD pipelines (e.g., code scanning, vulnerability assessments).
- Automate security testing, monitoring, and compliance checks.
- Collaborate with development and operations teams to ensure security is applied at every stage.
- Designing, supervising, and validating holistic Banking application/infrastructure security architecture, to ensure that they are aligned with cybersecurity strategy, security requirement principle and generally cybersecurity best practices (through threat modelling or similar methods).
- Designing and Implementing CI/CD (DevSecOps) Technology integration through own teams and virtual team (with the members of Digital Technology Security team) to always tighten security architecture fabrics, and to support cybersecurity transformation, lean and automation process.
Qualifications
- Bachelorâs or Master degree in computer science, Computer Engineering, Information Technology, or related field
- At least 5 years of experience in security advisory, security architecture, CI/CD security, Vulnerability Assessment, Penetration test or a related field.
- Good communication skills, with the ability to communicate complex security issues.
- Strong Knowledge in new Banking Technology and associated security controls.
- Knowledge of security best practices in software development.
- Knowledge of SDLC framework.
- Familiarity with CI/CD tools & DevOps tools.
- Experience with Code/Library/Image scanning tools (Dynamic/Static Code Scan).
- Expertise in cloud security (AWS, Azure, GCP, HWC).
- Experience with cloud security and compliance tools (CSPM).
- Knowledge of Securing Cloud Environments to ensure that security practices are tailored for cloud-native and hybrid environments, including container security, infrastructure as code, and microservices security.
āļāļąāļāļĐāļ°āļāļĩāđāļāļģāđāļāđāļ
- DevOps
- Automation
- Compliance
āļāļĢāļ°āļŠāļāļāļēāļĢāļāđāļāļĩāđāļāļģāđāļāđāļ
- 5 āļāļĩ
āļāļąāļāļĐāļ°āđāļāļīāđāļĄāđāļāļīāļĄ
- Good Communication Skills
- Software Development
āđāļāļīāļāđāļāļ·āļāļ
- āļŠāļēāļĄāļēāļĢāļāļāđāļāļĢāļāļāđāļāđ
āļŠāļēāļĒāļāļēāļ
- āļāļ§āļēāļĄāļāļĨāļāļāļ āļąāļĒ
āļāļĢāļ°āđāļ āļāļāļēāļ
- āļāļēāļāļāļĢāļ°āļāļģ
āđāļāļĩāđāļĒāļ§āļāļąāļāļāļĢāļīāļĐāļąāļ
āđāļĢāļēāļĄāļļāđāļāļŠāļĢāđāļēāļāļāļ§āļēāļĄāđāļāļāļāđāļēāļ āļĢāļ§āļĄāļāļķāļāļāļĢāļ°āļŠāļāļāļēāļĢāļāđāļāđāļēāļāļāļĨāļīāļāļ āļąāļāļāđāđāļĨāļ°āļāļĢāļīāļāļēāļĢāļāļĩāđāļāļĩ āļāđāļ§āļĒāļāļēāļĢāļāļģāļāļēāļāđāļāļĒāđāļāđāļ§āļīāļāļĩāļāļīāļāđāļāļ Growth mindset āļāļģāđāļŦāđāļāļĨāđāļēāļāļīāļ āļāļĨāđāļēāļāļāļĨāļāļāļāļģāļŠāļīāđāļāđāļŦāļĄāđ āđ āđāļāļ·āđāļāđāļŠāļ§āļāļŦāļēāļŠāļīāđāļāļāļĩāđāļāļĩāļāļ§āđāļē āļŠāļāļąāļāļŠāļāļļāļāđāļŦāđāļāļāļāļāļāđāļĢāļēāļāļĨāđāļēāļāļīāļāļĢāļīāđāļĢāļīāđāļĄ āļĄāļĩāļŠāđāļ§āļāļĢāđāļ§āļĄāđāļāļāļēāļĢāļāļāļāļāļ§āļēāļĄāđāļŦāđāļ āļāđāļāļĒāļāļāđāļāđāļāļĩāļĒ āļāļķāđāļāļāļ°āļāđāļ§āļĒāļŠāđāļāđāļŠāļĢāļīāļĄāđāļŦāđāđāļāļīāļāļāļ§āļēāļĄāđāļāļĨāļĩāđāļĒāļāđāļāļĨāļāđāļāļāļēāļāļāļ§āļāļāļĒāļđ ...
āļĢāđāļ§āļĄāļāļēāļāļāļąāļāđāļĢāļē: āļŠāļĄāļąāļāļĢāļāļķāļāļāļēāļāļāļāļēāļāļēāļĢāđāļāļĒāļāļēāļāļīāļāļĒāđāđāļāļ·āđāļāđāļĢāļīāđāļĄāļāđāļāļāļēāļāļĩāļāļāļēāļĢāļāļēāļāļāļāļāļāļļāļāļāđāļ§āļĒāļāļēāļĢāļāđāļāļŦāļēāļ§āđāļēāļāļļāļāđāļāđāļāđāļāđāļĢāļ·āđāļāļāļāļ°āđāļĢ āļāļĩāļāļāļąāđāļāļĒāļąāļāđāļāđāļĢāļąāļāļāļĢāļ°āļŠāļāļāļēāļĢāļāđāđāļāļāļēāļĢāļāļģāļāļēāļāļāđāļēāļāļāļāļēāļāļēāļĢāļāļĩāļāļāđāļ§āļĒ āđāļāļĢāđāļāļĢāļĄāļāļķāļāļāļēāļāļāļāļāļāļāļēāļāļēāļĢāđāļāļĒāļāļēāļāļīāļāļĒāđāļāļ°āđāļŦāđāđāļāļāļēāļŠāļāļąāļāļĻāļķāļāļĐāļēāļāļĩāļŠāļļāļāļāđāļēāļĒāđāļāđāļĢāļąāļāļāļĢāļ°āļŠāļāļāļēāļĢāļāđāļāļēāļĢāļāļģāļāļēāļāđāļāļāļĨāļēāļāļāļĩāđāļĄāļĩāļāļēāļĢāđāļāđāļāļāļąāļāļĄāļēāļāļāļĩāđāļŠāļļāļāđāļāļāļ§āļĩāļāđāļāđāļāļĩāļĒ āđāļāļĢāđāļāļĢāļĄāļāļķāļāļāļēāļāļāļāļāđāļĢāļēāļāļ°āļĄāļĩāļĢāļ° ...
āļŠāļ§āļąāļŠāļāļīāļāļēāļĢ
- āļāļēāļĢāļāļąāļāļāļēāđāļāļ·āđāļāļāļ§āļēāļĄāđāļāđāļāļĄāļ·āļāļāļēāļāļĩāļ
- āđāļāļāļēāļŠāđāļāļāļēāļĢāđāļĢāļĩāļĒāļāļĢāļđāđāđāļĨāļ°āļāļąāļāļāļē
- āļāļģāļāļēāļ 5 āļ§āļąāļ/āļŠāļąāļāļāļēāļŦāđ
- āđāļāļāļąāļŠāļāļķāđāļāļāļĒāļđāđāļāļąāļāļāļĨāļāļēāļ
āļāļģāđāļŦāļāđāļāļāļēāļāļ§āđāļēāļāļāļĩāđāļāļļāļāļāđāļēāļāļ°āļŠāļāđāļ
