Job Purpose
This role serves as Security Operations Lead Expert, focusing on infrastructure and applications. It involves conducting routine evaluations of infrastructure and application vulnerabilities, continuous monitoring, gathering and examining vulnerability data, and providing vulnerability mitigation strategies and recommendations to the IT Teams.
For the Security Operations Lead Expert role, the sources of information may encompass, but are not limited to, security alerts, vulnerability scanning reports, security testing activities, vendor-published vulnerabilities, and internal/external threat intelligence sources. Moreover, the position may require the candidate to assist incident handlers during major application-related security incidents.
Responsibilities
- Join and lead the vulnerability management team based in Asia, collaborating closely with global domain teams located worldwide.
- Serve as the Subject Matter Expert in the field of vulnerability management within the infrastructure and application security domain.
- Utilize various automated tools, such as Qualys (DAST), BurpSuite, and Checkmarx, to detect vulnerability issues in infrastructures and applications.
- Evaluate the impact of vendor security advisory notifications and communicate findings to relevant stakeholders to devise solutions.
- Prioritize active critical vulnerabilities for remediation based on a risk-based approach and/or the organization's risk appetite.
- Monitor, track, and document all vulnerability status updates in the registry.
- Oversee and coordinate all work related to application vulnerability management in Asia.
- Coordinate with the local Entity Security team to address vulnerabilities detected through the vulnerability management process.
- Analyze structured and unstructured datasets from various sources to identify vulnerabilities and provide remediation recommendations.
- Provide technical guidance to IT Production or Development Teams to effectively remediate vulnerabilities.
- Ensure timely follow-up for vulnerability remediation and assess the risk impact according to internal risk methodologies and frameworks.
- Recommend compensatory measures when remediation is not possible and ensure that the risk acceptance process is followed.
- Own and continuously optimize the application vulnerability management process.
- Assist in investigating security issues by reviewing vulnerability identification results.
- Assist in incident handling, including implementing containment, protection, and remediation activities.
- Perform manual security testing using tools such as BurpSuite and other open-source tools.
- Be flexible in supporting the streamlining of the application security process and SDLC.
- Support initiatives for improving the overall application security maturity framework and process.
- Support Cloud migration projects from a threat and vulnerability management perspective and establish new processes.
Profile and Qualifications
- Minimum of 10-12 years of experience in Vulnerability Management and Assessment, specifically related to Infrastructure and Application.
- Overall experience of at least 15 years.
- Bachelor's degree in IT/Computer Science, Engineering, or a related field.
- Proven experience in implementing SDLC and Application Security for enterprise products/applications.
- Extensive experience in SAST/DAST onboarding and rollout.
- Strong understanding of vulnerability assessments, including vulnerability scanning and security testing, as well as infrastructure security reviews for servers, web, and mobile applications.
- Hands-on experience working with Qualys, BurpSuite, and other application vulnerability scanning/penetration testing tools.
- Assist in challenging vulnerability findings from penetration testing activities conducted by independent third-party assessors.
- Strong technical understanding of threat and vulnerability assessment activities, processes, and systems.
- Extensive experience in manual testing methodologies for web/mobile applications, including penetration testing, and tools such as BurpSuite (OSCP skill set preferred).
- Familiarity with the OWASP framework and secure development of applications.
- Security certifications such as GWAPT, CISSP, CEH, CHFI, or equivalent are highly desirable.
- Strong knowledge of patch management, network security, end-point security, secure access management, server system administration, system hardening, secure coding, and application security design.
- In-depth knowledge of applying security controls to technology operational services.
- Excellent communication skills, both written and verbal (English), to communicate effectively with a wide range of stakeholders. Proven ability to explain security issues in business language and business issues in security language.
- Ability to produce high-quality output with a strong focus on attention to detail, while following design and delivery methods, tools, and standards.
Domain Knowledge Reference
- Penetration testing of web applications (preferred).
- Threat and vulnerability assessment (preferred).
- Application security, including DevSecOps, SAST/DAST, and manual testing (preferred).
- Infrastructure security, including system and operating system hardening (preferred).
- Knowledge of data security, specifically encryption (bonus).
- Familiarity with Network Security (WAF, DDoS, Proxy, IPS), End-point Security (Anti-Virus, EDR, DLP), Access Management, SOC, and Security Incident Management (bonus).
- Knowledge of cloud security, including IaaS, PaaS, and SaaS (bonus).