ログイン
大手証券会社でのSenior Application Security Engineerの求人
求人ID:1296750
募集終了
転職求人情報
職種
Senior Application Security Engineer
ポジション
Vice President
おすすめ年齢
20代
30代
40代
50代以上
年収イメージ
年収イメージ:〜1000万円(経験・能力を考慮の上当社規定により決定)
仕事内容
Our employees are the first line of Cybersecurity defence and require application security and language knowledge to spot and assess application weaknesses.
Key activities of the Culture & Learning (C&L) function include:
・Day-to-day supervising of Application Security Champions
・Supporting the automation of security tools (e.g., Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and other security testing tools)
・Managing of related findings and vulnerabilities
・Defining and documenting security practices
・Defining, documenting, and monitoring of security configuration baselines for security integrations
・Working with global security team members and development teams to solve DevSecOps problems
All team members will need to perform project management activities (Change the Bank (CTB)), as well as operational activities and support (Run the Bank (RTB)).
Key activities of the Culture & Learning (C&L) function include:
・Day-to-day supervising of Application Security Champions
・Supporting the automation of security tools (e.g., Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and other security testing tools)
・Managing of related findings and vulnerabilities
・Defining and documenting security practices
・Defining, documenting, and monitoring of security configuration baselines for security integrations
・Working with global security team members and development teams to solve DevSecOps problems
All team members will need to perform project management activities (Change the Bank (CTB)), as well as operational activities and support (Run the Bank (RTB)).
必要スキル
●Mandatory
Language Skills:
・Bilingual Japanese / English language capabilities.
・Native Japanese language is ideal, but must have at least N1 JLPT Japanese language skills.
・TOEIC level should ideally be over 800.
IT and IT Security Experience:
・At least 4 years of working experience in Application Security or development security related projects
・Good communicator and culturally aware to navigate cultures of our global teams
・Working knowledge of REST APIs and Web applications
・Working knowledge of general IT Security concepts and principles
・Proven ability to work independently on projects
・Proven experience in creating technical documentation and guides
・Strong interest in DevSecOps pipeline tools and their secure configuration
・Strong interest in Application Security (OWASP)
●Preferred
・Security certifications, such as: CISSP, CISM, CSSLP, CRISC
・Knowledge of controls frameworks such as NIST CSF, NIST SP 800-53, ISO 27001/2, CIS, and FISC.
・Onboarding or automating SAST, SCA, IAST, DAST
・Development experience in Java, Python, C#, Postscript, Typescript
・Background in Kubernetes and cloud-native applications
Personal Characteristics:
・Strong communication skills, ability to work comfortably with different regions.
・Good team player, ability to work on a local, regional and global basis and as part of joint ・cross-location teams and cross-functional teams.
・Ability to be pro-active and self-manage tasks through to completion.
・Able to perform under pressure.
Language Skills:
・Bilingual Japanese / English language capabilities.
・Native Japanese language is ideal, but must have at least N1 JLPT Japanese language skills.
・TOEIC level should ideally be over 800.
IT and IT Security Experience:
・At least 4 years of working experience in Application Security or development security related projects
・Good communicator and culturally aware to navigate cultures of our global teams
・Working knowledge of REST APIs and Web applications
・Working knowledge of general IT Security concepts and principles
・Proven ability to work independently on projects
・Proven experience in creating technical documentation and guides
・Strong interest in DevSecOps pipeline tools and their secure configuration
・Strong interest in Application Security (OWASP)
●Preferred
・Security certifications, such as: CISSP, CISM, CSSLP, CRISC
・Knowledge of controls frameworks such as NIST CSF, NIST SP 800-53, ISO 27001/2, CIS, and FISC.
・Onboarding or automating SAST, SCA, IAST, DAST
・Development experience in Java, Python, C#, Postscript, Typescript
・Background in Kubernetes and cloud-native applications
Personal Characteristics:
・Strong communication skills, ability to work comfortably with different regions.
・Good team player, ability to work on a local, regional and global basis and as part of joint ・cross-location teams and cross-functional teams.
・Ability to be pro-active and self-manage tasks through to completion.
・Able to perform under pressure.
就業場所
就業形態
正社員
企業名
大手証券会社
企業概要
国内大手証券会社
企業PR
日本をベースとしたグローバル金融機関。インベストメント・バンキング、グローバル・マーケッツ、アセット・マネジメント、リテールビジネス等を行っています。