Security Engineer
Manulife
Quezon City, PH
5d ago

Job Description

The Security Engineer is a multi-faceted security role responsible for the identification, tracking, mitigation, remediation, and verification of security vulnerabilities in applications, systems and infrastructure.

The successful candidate will combine their knowledge with strong interpersonal skills to ensure that security risks are effectively identified and appropriately addressed while maintaining a balance between security & usability.

Responsibilities :

  • Assist software development teams with understanding and remediating automated scan results of software source code as well as penetration testing
  • Assist the Business Unit Security Officers in the risk assessment process by assessing application risks and providing security recommendations for improved application design or coding
  • Work with the developers throughout the software engineering lifecycle to ensure compliance with secure software development best practices
  • Drive adoption of US segment code scanning capabilities and of the DevSecOps pipeline
  • Develop and deliver Cybersecurity analytics that will allow for data driven decisions.
  • Deliver regular reporting on initiatives, program progress and key areas of risk.
  • Develop or acquire targeted training for development teams in secure coding and other security practices
  • Identify, propose and acquire toolsets to assist with the security assessment process in an Agile and DevOps environment
  • Qualifications

  • Minimum of 3-5 years of software development experience and 3+ years of work experience in application security
  • Development and / or security-related experience with web applications, web services, and mobile applications including : at least 1 of the following core languages : Java, C, C++, .
  • NET, or C#and 2 of the following languages : HTML, JavaScript, PHP, Perl, SQL, Ruby, or COBOL

  • Experience working on or closely with development teams in the Software Development Life Cycle (SDLC) using DevOps, Agile and / or waterfall methodologies
  • Ability to understand and interpret vulnerabilities and communicate business impact and remediation actions to management
  • Ability to rapidly learn new technologies and business functions
  • Excellent analytical, presentation, and communication (oral and written) skills to work with technical and non-technical audiences
  • Results-oriented, high energy, self-motivated
  • Excellent leadership, teamwork, and client service skills
  • Security related certifications, such as CISSP, CSSLP, or SANS GIAC, a plus
  • Report this job
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form