Application Security Manager - Hybrid-Makati

Makati, National Capital Region

Posted 2 days ago


Company:: Dempsey Resource Management Inc
Company Description:: DEMPSEY, INC – We are the RECRUITMENT PARTNER of Client Companies • We are an HR Firm engaged in the sourcing and referral of college graduates and professionals. • We do assist our client companies in the sourcing of competent and qualified candidates to fill up various job positions in their organization. The job positions we are targeting for our referred candidates are those intended for direct hiring by our clients. • We can provide candidates for entry level, supervisory, managerial and executive positions for our client’s direct hiring. OUR GOAL We strive to become a significant venue both for private companies and professionals for the purpose of: ∗ matching their respective needs ∗ Creating opportunities for productive, meaningful and long-term employment. HOW CAN WE HELP CLIENT COMPANIES ∗ We provide an alternative, back-office manpower sourcing and recruitment services to fill up various job positions in their organization. HOW CAN WE HELP APPLICANTS? ∗ DEMPSEY is committed in finding our candidates the right job in the right company ∗ DEMPSEY do not charge any fee to our Candidate, whether or not they are successfully hired ∗ Applicants’ resume will automatically be put on our active file. Once we determine that your qualification and/or experience matches that of the Clients’ requirements, we shall endorse you to the Client WHAT WE CAN DO? ∗ DEMPSEY is committed in assisting its Clients in sourcing and finding suitable candidates to fill up their current personnel requirements by way of: . Prompt deployment of pre-qualified applicants . More applicants to choose from . Good quality applicants . Value-for-money recruitment process OUR CORE COMPETENCIES • Finance, Accounting, HR and Admin personnel • Sales, Marketing and Promotion personnel • Engineering, Technical and Highly-Skilled • IT, Web and Programming personnel • Behavioural Science personnel • Creative & Liberal Arts personnel
Contract Type:: Full Time
Experience Required:: 5 to 10 years
Education Level:: Bachelor’s Degree
Gender:: Any
Number of vacancies:: 1

Job Description

REQUIREMENTS:
Bachelor’s Degree in computer science, engineering, or relevant field.
EXPERIENCE :
At least 5 years of experience in information technology, 2 years experience in information security focusing on IT
governance, network or application security.
SPECIFIC KNOWLEDGE:
Problem Solver Mindset, Strong Project Management Knowledge with documentation, Knowledgeable in product
development lifecycles, Knowledgeable software development lifecycles, Strong leadership and team building
characteristics, Expertise and Experience in Banking and Digital Transformation projects.
BUSINESS UNDERSTANDING:
Understanding of advanced business planning and regulatory issues. Keep abreast of technology trends,
competitors’ activities, and related regulations.

SPECIFIC DUTIES AND RESPONSIBILITIES:
● Overall incharge of managing and improving existing Paynamics Internal Applications and its
interaction to Paynamics Stakeholders. (i.e. Clients, Business Units, Execom)
● Conducts and improves project application security risk and threat assessment process to identify the security
posture of the project.
● Runs vulnerability scan, penetration testing, and exploit code execution for systems to ensure that the security
of the application that will be deployed in the live environment meets the global standards. Update the
information security workbook for the newly identified vulnerabilities.
● Performs security assessment, and reviews architecture and design patterns on mobile projects and APIs
(Application Program Interface) to secure the applications from malicious threat actors.
● Analyzes results of reconnaissance, automated scan, and penetration testing to document and identify
vulnerabilities and remediations. Verify if there is a CVE value for the identified vulnerabilities.
● Recommends technical solutions to the vulnerabilities identified during assessment and reviews the accuracy
of the recommended remediation by the security specialist.
● Reviews the application libraries or components by applying in-depth methods of application security to identify
the potential security flaws of the project.
● Conducts Static Application Security Testing (SAST) to identify the attack vectors in the source code, and
recommends remediations to prevent exploitation by threat actors. Assess the viability of the SAST tool
quarterly and recommend it if needed.
● Researches new security technologies from various platforms and presents the research findings to the team
for Information Security Summit Topics.
● Attends, documents and coordinates project kick-offs with the software development team to provide feedback
on the potential concerns that may be encountered in the project development.
● Facilitates information security training to educate the users to protect the company data against threat actors.