assistant manager - information security (permanent).

about the company.
This company is one of the market leaders in the industries and they would like to invite information security talents to join the regional team.

• Conduct security risk assessments and threat modeling for new and existing applications to identify vulnerabilities and weaknesses.
• Analyze and evaluate risks associated with third-party vendors and application integrations.
• Translate technical vulnerabilities into business-oriented risks and present findings to both technical and non-technical stakeholders.
• Work closely with development teams, providing guidance on secure coding practices and security requirements.
• Participate in all phases of the Software Development Life Cycle (SDLC) to ensure security is a core component.
• Ensure applications and systems comply with internal security policies, standards, and regulatory requirements.
• Contribute to the development and refinement of information security policies and procedures.
• Monitor and review regularly compliance with risk management strategies and practices that BUs’ activities and processes are meeting required standards.

• University graduate from an IT discipline such as Computer Science/Engineering with relevant professional certifications
• At least 7 years of relevant experience gained, with regional or global exposure would be a plus
• With professional certifications (such as CISSP, CISA, CISM, etc.)
• Hands-on experience with security tools such as SIEM, vulnerability scanners, and application security testing (SAST/DAST) tools.
• An effective communicator with people at all levels, with excellent command of both written and spoken English