Application Security Patching Manager
Mandaluyong City, Philippines
5d ago
source :

Job Description :

  • Identify the vulnerability severity on our applications
  • Analyze the impact of Security bulletins on our applications (using the application component inventory)
  • Prioritize the patches required and Coordinate with other security team members Qualys Scan Execution team and Center of Excellence / WAF.
  • to run further scans and WAF patches
  • Track and record decisions made on how to treat the vulnerabilities
  • Report on patching progress
  • Qualifications :

  • At least 5 years' experience in Information Risk and Security management / consulting.
  • Strong understanding of performing penetration tests, vulnerability assessments and infrastructure security reviews for the web and mobile applications.
  • Hands-on experience working with Qualys WAS and other application vulnerability scanning / pentest tools.
  • Familiarity with the OWASP framework and application security best practices.
  • Experienced in secure application coding and application security scanning
  • Security Certificates in CISSP, CISA, CISM or equivalent is a great plus.
  • Strong technical understanding of threat and vulnerability scanning solutions, processes and systems
  • Knowledge and hands-on experience of WAF and virtual patching
  • Strong Knowledge of patch management
  • Knowledge of the legal and regulatory environment within which financial organisations operate (e.g. Singapore MAS)
  • In depth knowledge of applying Security controls to technology operational services
  • Strong communication skills, both written and verbal (English), to communicate effectively across a wide range of stakeholders.
  • Proven ability to explain security issues in business language and business issues in security language

  • Capable of producing high quality output with a strong focus on attention to detail following design and delivery methods, tools and standards
  • Experience :

  • Demonstrable experience of designing / implementing / improving / managing / governing threat and vulnerability management service especially in applications
  • Demonstrable experience of continuous improvement of Security threat and vulnerability services
  • Demonstrable experience of effective incident management support
  • Demonstrable experience of project management in security projects preferred
  • Skills :

  • Excellent communication skills
  • Ability to understand and communicate the requirements of business departments to the information technology department and vice versa
  • Excellent verbal and written English communication and presentation skills
  • Excellent inter-personal
  • Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form