Vantage Drilling Job Vacancy: Senior Information Security Application Supervisor in Qatar
Senior Information Security Application Supervisor Jobs 2023 in Qatar: A notification has been published on the www.vantagedrilling.com career page for the recruitment of the Senior Information Security Application Supervisor post at Vantage Drilling in Qatar. Candidates who are eligible for the post can apply on or before the last date.
| Name of Post | Senior Information Security Application Supervisor |
| Salary | QAR 4,000.00 per month |
Senior Information Security Application Supervisor Jobs in Qatar 2023: Full Job Description
The Senior Information Security Application Supervisor develops, operates and manages the application security and vulnerability management frameworks to continuously monitor and improve the organization’s security posture, build secure applications and reduce the threat footprint.
The role also provides subject matter expertise and operational direction on application security governance, application security control and risk analysis, security assessment automation, secure development practices and incident response.
1. Establish and manage industry-leading application security processes and practices at each phase of the software development lifecycle and implement an operational roadmap for assessment, penetration testing and source code reviews.
2. Ensure acquired and developed applications are consistent with WOQOD’s secure software development lifecycle and security architecture guidelines.
3. Conduct regular manual and automated application security testing, assessments, review results, track issues and follow up to ensure remediation in line with secure software development lifecycle.
4. Manage and facilitate annual third-party penetration testing, application assessments and configuration reviews for compliance and additional assurance of secured implementation and operation.
5. Design, develop and implement the integration and automation of threat modelling, security assessments and testing tools with DevOps, application development and QA tools to improve detection and prevention capabilities.
6. Supervise the vulnerability program and manage tools and scanning functions to ensure regular scanning and review of network assets and applications to identify all vulnerabilities.
7. Ensure all vulnerabilities are communicated, assigned, tracked and followed up in a standard and efficient manner for timely remediation and closure.
8. Build and operate security processes to contain or remediate zero-day vulnerabilities to protect WOQOD’s information assets, business services and infrastructure systems.
9. Lead vulnerability remediation efforts across various stakeholders by providing strategy, recommendations and guidelines for implementation of fixes and patches.
10. Perform advanced forensic and malware analysis to extract IOCs from malicious binaries, portable executables (PE), scripts, documents and packet captures to aid incident analysis and create detection logic.
11. Provide 1st level of support for all major incidents related to information security in data center, disaster recovery and remote sites.
12. Recommend improvements to the secure reference architecture through continuous review and assessment of the application security requirements, policies and procedures.
13. Ensure secure coding practices and Software Development Life Cycle (SDLC) are followed by providing training and awareness to the internal stakeholders.
14. Provide regular updates to management on application security and vulnerability management posture by defining operational KPIs and metrics and building dashboards and reports.
15. Manage, follow up, close and report upon all of the department’s information security regulatory requirements, audits, nonconformity reports, compliance issues and observations that arise during internal and external assurance engagements.
16. Perform other related duties or assignments as directed.
• Bachelor’s degree in Computer Engineering/Science, Electronics Engineering, or any other appropriately relevant field.
• 10 years of progressive experience in a directly related field.
• 7 years of professional experience in ICT information, application security in an enterprise level environment.
• 3 years in a similarly relevant senior information security application supervisor role with around the same team capacity and complexity of assigned tasks.
Job Specific Skills:
• Certifications in industry-relevant standards, frameworks, and schools of practice, such as CSSLP, GWAPT, OSCP, etc.
• Excellent knowledge in maintaining effective working relationships with staff and clients; excellent people management.
• Excellent written and verbal communication skills.
• Strong analytical and problem-solving skills.
• Proven success in leading a similarly complex ICT information security within the same industry.
• Strong knowledge in vulnerability research, threat analysis, malware analysis and reverse engineering.
• Excellent knowledge in implementing and managing assessment tools (VA, DAST, SAST & RAST), methodologies and security attack vectors.
• Professional experience in conducting manual and automated application assessments (DAST, SAST & RAST), penetration testing and configuration review.
• Excellent understanding of modern development approaches and environments, secure Software Development Life Cycle (SDLC), secure coding practices and DevSecOps.
• Good understanding of cryptography, web service frameworks, mobile application architectures, and service architectures (such as event-driven, service-oriented, or serverless architectures).
• Experience in implementing enterprise information security architectures and frameworks.
• Strong understanding of project management principles and requirements.
• Strong understanding of contractual, supplier and vendor management principles and requirements.
• Excellent knowledge and understanding of Information Technology industry, trends, architectures, integrations, operational security, and process computing.
• Excellent knowledge and understanding of leading industry standards, frameworks, methodologies and best practices.
• Excellent knowledge and understanding of information security governance, compliance, architecture components, technical solutions and operational services.
• Excellent knowledge and understanding of security cost optimization strategies, techniques and solutions.
• Good knowledge and practice of team coaching and mentoring.