- Plan, organize and manage security related to applications.
- Develop and maintain security policies, security standards, security processes and best practices within the SDLC to comply with regulations such as RMiT and TRM.
- Manage vulnerability-checking tools such as Static Code Analysis, Software Composition Analysis and Dynamic Code Analysis tools.
- Conduct regular security assessments such as critical security design review, code review and application security testing.
- Discover potential threats and vulnerabilities in applications and provide a solution/mitigation plan.
- Monitor and respond to security breaches/threats/vulnerabilities. Investigate and remediate security incidents.
- Assist in auditing and compliance related to security.
- Coordinate application pen-testing with software engineers to fix the findings.
- Research and keep applications up to date on the latest security trends.
- Collaborate with software engineers and DevOps in securing applications.
- Provide security training and guidance to software engineers or other team members.
- Mentor and coach members of the team.