Responsibilities
- Collaborate with IT infrastructure, DevOps, development, architecture, and project management teams across the organization.
- Deliver security consulting for on-premise and cloud project implementations to enhance overall system security.
- Act as the technical security liaison during system development, particularly in automation, CI/CD pipelines, and full lifecycle application delivery.
- Enforce security standards across all new applications and API deployments.
- Conduct threat modeling and analyze business and technical processes to detect system or procedural weaknesses, producing documented findings.
- Establish consistent technical, functional, and administrative security requirements for application design and architecture.
- Align security controls with business goals for new application systems.
- Advise on technical solutions to resolve infrastructure and application security gaps.
- Partner with stakeholders to execute security enhancements across systems and services.
- Engage with security architecture specialists to evaluate and resolve project-level architectural risks.
- Oversee and verify source code reviews across all development platforms and frameworks.
- Coordinate vulnerability scanning and penetration testing follow-up actions with development teams.
- Support vulnerability triage and offer resolution recommendations.
- Keep security requirement baselines current and relevant.
- Maintain deep expertise in information security technologies, practices, and industry trends.
- Work with IT and application teams to strengthen operating systems and applications to safeguard user data.
- Support the Department Head in advancing the organization’s overall security posture through improvement initiatives.
- Carry out additional information security governance, risk, and compliance tasks as assigned.
Work Arrangement
On-site
