Company Name: BRAC Bank Limited

Roles & Responsibilities:

• Be part of the digital road map and responsible for ensuring security into the development/acquisition of applications/integration/FinTech initiatives. Work closely in technology projects to threat model, vulnerability scan, and pen test the software, system and identify required control points in the application stack. Also to diagnose, document, and remediate application and database security vulnerabilities.
• Secure code review and ensure Database security. Provides 360 risk assessments and cyber security briefings and advises of critical issues that may affect cyber security objectives. Identifies potential areas where existing information security policies and procedures require change, or where new ones need to be developed, especially regarding new applications and architectures. Conduct technical in-depth security analysis of systems to identify gaps and find remediation. Recommends, integrates and maintains security tool sets.
• Identification, assessment, mitigation, monitoring, governance, and reporting of software vulnerability throughout IT and large-scale development programs such as Digital Transformation.
• Ensure proper technology risk considerations are addressed at each phase of the system development life cycle (SDLC) and provide proactive solutions to correct exposures or mitigate risk.
• Evaluates and recommends cyber security solutions, and/or procedures to enhance productivity and effectiveness. Maintains awareness of cyber trends, threats, and vulnerabilities. Other tasks and responsibilities as assigned.

Educational Qualification:

• BSc/MSc degree in Information Security, Cyber Security, Computer Science or related fields is required.

Work Experience:

• 5 to 8 year(s)

Others Requirements:

• Minimum 5 years of Working experience in Information Security as primary responsibility or minimum 8 years IT experience with Application as a primary responsibility and strong Application/Database security focus as a secondary job duty required.
• Knowledge and experience with application and Database vulnerability assessment and remediation. Some knowledge and developer experience with programming languages, such as C#, Java.
• Knowledge and experience with NIST, OWASP desired. Experience on implementing/managing security programs and controls. Knowledge of various security methodologies and processes, and technical security solutions. The candidate must be familiar with security principles and concepts.
• Drive innovation by analyzing and interpreting data to test and inform a new initiative or approach. Accountable for successful completion of multiple, individual projects simultaneously. Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.
• Manage change and demonstrate adaptability by embracing change and adjusting priorities or processes and approach as needs dictate. Take responsibility for successes and failures related to individual and team-based project work assignments; actively presents suggestions for solution(s), if objectives not met.
• Professional industry certifications and experience in Application Security and Database security is recommended. CASE/CASS/GWEB, CPEH/CEH, GWAPT/ LPT/CSXP and OCP is expected. CISM/CISSP/ CSSLP would be an advantage.

Others Benefit:

As per company policy.

 

Source: bdjobs