Application Security Officer-

Application Security Officer-

AXA Group Operations Malaysia Sdn Bhd
Not Specified
Not Specified

Job Description



Full-time
Job Purpose:
The mission consists in filling the role of Application Security Office and Vulnerability Expert for regular qualification of application vulnerability, timely monitoring, collecting, analysing application vulnerability data and delivering vulnerability mitigation recommendation to the IT Teams.
The sources of information include but are not limited to Web Application Firewall (WAF) alerts, security scanner reports, published vulnerabilities from vendors and internal/external threat intelligence sources. The position will also support incident handling for application vulnerabilities.
Job Scope:

  1. Lead the application security function in Asia and work closely with Global CyberDefense teams across the world.

  2. Identify the vulnerability severity on our applications from Various automated tools like Qualys (DAST) and SCA - J-Frog XRAY

  3. Analyze the impact of Security bulletins on our applications (using the application component inventory)

  4. Prioritize the patches required and Coordinate with other security team members [Qualys Scan Execution team and Center of Excellence / WAF] to run further scans and WAF patches

  5. Track and record decisions made on how to treat the vulnerabilities

  6. Oversight and coordinate all work related to application vulnerability management in Asia

  7. Analyzing structured and unstructured datasets from various sources to analyses vulnerabilities and produce remediation recommendations

  8. Prioritize the emergency of vulnerability remediation activities

  9. Provide technical advisory to IT Production or Development Teams to effectively remediate vulnerabilities

  10. Ensure timely follow up for remediation of vulnerabilities

  11. Recommend compensatory measures when remediation takes time and the vulnerability exposure windows is not acceptable in regard to the threat level

  12. Report on mitigation status and threat exposure

  13. Own the application vulnerability management process and strive to optimize it

  14. Assist in investigation of security issues by reviewing the results of WAF alerts and other vulnerability identification (vulnerability scanning, penetration testing, etc.)

  15. Consult on incident handling which includes implementation of containment, protection and remediation activities

  16. Perform manual testing using tool such as Burp suite

  17. Flexible in supporting stream lining application security process and SSDLC and

  18. Support initiative for improving overall application security maturity

  19. Coordinate with Infra Security team for SCA vulnerabilities, identified through Qualys VM process.

  20. Supporting Cloud migration project from application security standpoint and setting up the new process


Would you like to wake up every day driven and inspired by our mission of acting for human progress by protecting what matters Here at AXA we strive to be a responsible employer, placing employee engagement at the heart of its business strategy. Achieving this means creating a workplace built on AXA%27s Values that foster diversity and equal opportunities for all, promotes employee participation, encourages professional development, and supports employee well-being. We are looking for talented individuals who come from varied backgrounds, think differently and want to be part of this exciting transformation by challenging the status quo so we can push AXA - a leading global brand and one of the most innovative companies in our industry - onto even greater things. In a fast-evolving world and with a presence in 57 countries, our 160,000 employees anticipate change to offer services and solutions tailored to the current and future needs of our 108 million customers.

Job Source : jobs.axa

Similar Jobs

Career Advice to Find Better