Experience with software development methodologies (e.g. Agile, DevOps)
Fluent in at least one major programming language (e.g. Java, Python, Go etc.)
Working knowledge of CI/CD platforms, e.g. GitLab, AWS CodeCommit and CodeDeploy (or similar)
Ability to engage a technical client base of engineers, communicate security requirements and potential risks, and influence development practices
What You'll Be Doing:
Lead and/or support static, dynamic and security awareness services
Drive adoption of application security controls within the Software Development Life Cycle (SDLC)
Interface with Business Units, providing advice and consultation to help remediate issues identified by S-SDLC tools
Develop and customise rules to improve the detection capability of S-SDLC tools
Help engineer tools and solutions that facilitate the adoption of security controls
Develop Proofs of Concept (PoCs) to be shown as solutions, and hand them over to Engineering for broader rollout
Work with engineers to develop a customized security testing strategy to complement the existing security testing program managed by Technology Risk
Be responsible for communicating the program to the broader developer community for solutions that might impact Developer Experience (DevEx)
Be responsible for awareness, training and guidance on security-related issues
Conduct product evaluation of solutions that may benefit the S-SDLC program
Nice to Haves:
Project management skills
Knowledge of Cloud (AWS, GCP, Azure) and Cloud Security applications
Perks and Benefits:
Professional experience in one or more of the following disciplines:
Intermediate knowledge of DevSecOps solutions, i.e. ability to review identified findings, conduct analysis (e.g. impact, accuracy), and develop and customise the detection capability of one or more of the following solutions: