IT Application Security Manager

First Alliances

Ho Chi Minh

Work type
  • Work from home
  • Salary

    50 Tr - 60 Tr VND

  • Experience

    5 - 8 Years

  • Job level

    Experienced (Non - Manager)

  • Deadline to apply



  • Laptop
  • Insurance
  • Allowances
  • Incentive bonus
  • Healthcare
  • Training Scheme
  • Salary review
  • Annual Leave

Job Description

• Provide advisory, risk assessment and security assessment for IT projects follows Prudential Secure SDLC and DevSecOps requirements.
• Consult with business users, application developers, systems administrators and management to demonstrate security testing results, explain the threat/risk presented by the results, and consult on remediation.
• Liaise with vendor in the annual an ad-hoc penetration testing schedule to ensure proper budgeting by business lines.
• Take part in and ensure the completeness of the annual Application Security training program.
• Review and monitor vendor’s security service and deliverable.
• Regularly perform compliance assessment on regional policies, standards and drive remediation of control gaps.
• Take part in the implementation of security programs within the local business.
• Foster and maintain relationships with key stakeholders and business partners
• Champion both local & regional IT security initiatives to completion.
• Liaise with internal and external auditors and regulators to ensure all audit and compliance findings are adequately remediated across the business unit.
• Incident management and response.
• Other duties as assigned

Job Requirement

• University degree in Computer Science or technology related disciplines 
• A minimum of 5 years of relevant experience in IT Security or Information Security (Technical) 
• At least 3 years’ experience in Application Security or penetration testing required. 

Knowledge and skill 
• Broad knowledge of security domains, trends, and technologies (such as threat and vulnerability management, identity & access management, web application security, data loss prevention, encryption). 
• In-depth knowledge of application development processes and at least one programming or scripting language (e.g., Java, DotNet, Python, Bash, etc.). 
• Hands-on experience with testing frameworks such as the PTES and OWASP for Web and mobile application. 
• Familiar with Cloud-native application, API security, Container. 
• Extensive experience with security testing tools (e.g., SAST, DAST, OSS vulnerability testing, Container Security, RASP) embedded within DevSecOps and support CI/CD pipeline 
• Applicable knowledge of Windows client/server, Unix/Linux systems. 
• Experience with Cloud technologies in AWS, Azure, or Google Cloud. 
• Professional qualifications such as CEH, OSCP, GWAPT preferred. 
• Knowledge of risk management principles. 
• Ability to manage relationships at various levels within the organization 
• Ability to influence and resolve conflict through timely and transparent communications. 
• Ability to work under pressure 

More Information

  • Age: Unlimited

Similar jobs