Application Security Analyst

• Map and highlight application security risks.
• Assist in establishing process and requirements for monitoring application security risks.
• Assist in establishing process and requirements for auditing application security risk mitigation actions.
• Assessment report highlighting application security risks and their criticality.
• Recommendation actions to address application security risks.
• Develop secure application guidelines.
• Support information security service in identifying required application security audit tools and skills.
• Support information security service in setting up application security audit process.

Requirements

• 5 years of higher education (Master or equivalent) and minimum 8 years of working experience after higher education.

• Experience in developing guidelines based on OWASP ASVS.
• Experience in auditing development guidelines.
• Experience in developing audit requirements in the context of SSDLC.
• Experience in drafting security requirements (NFR, technical requirements) to be used as reference for all applications.
• Establish process and requirements managing vulnerabilities centrally for Applications and Infrastructure.
• Establish process and requirements for registering application security risks.