Banner Default Image

Head of Application Security

Back to job search

Head of Application Security

  • Location:

    Makati City

  • Sector:

    Monroe Information Technology

  • Job type:

    Permanent

  • Salary:

    Negotiable

  • Contact:

    Annjelica Antonio

  • Contact email:

    annjellica.antonio@monroeconsulting.com.ph

  • Job ref:

    BBBH411246_1673949495

  • Published:

    11 days ago

  • Duration:

    Full-Time

  • Expiry date:

    2023-01-31

  • Startdate:

    ASAP

Executive recruitment company Monroe Consulting Group Philippines is recruiting on behalf of a leading AI and big data company providing digital transformation, fraud prevention and process automation services in Asia.

Job Summary
Our respected client is seeking a Head of Application Security to analyze software designs and implementations from a security perspective and identify and resolve security issues. You will include the appropriate security analysis, defences and countermeasures at each phase of the software development lifecycle, to result in robust and reliable software.
As the Head of Application Security, you will lead a squad of (3 - 5 ) highly skilled application security engineers and will serve as the security expert and advisor for senior management on emerging threats, vulnerabilities and security concerns. You will protect the data of millions of users, ensure new products and designs are architected safe by default, build monitoring and detection systems, work collaboratively with cross functional teams to promote a security-first culture, squash vulnerabilities, and help us achieve our compliance and regulatory goals.
The role includes significant autonomy towards defining problem spaces and a mandate to build viable tools which are both internally - and externally facing. This is a great opportunity for someone who wants to have a large sense of ownership, make fundamental impact for the business and the organization in a fast-moving hypergrowth fintech.
Their engineering team values agility, collaboration, and autonomy. They are building a team of not just strong problem-solvers, but great collaborators-engineers who are excited to teach and learn from each other, share decisions and information freely, and work together on new problems that no other companies have solved before. Come join the best people in the business. The job is in Ortigas Center, Philippines with a Hybrid Work set-up.

Key job responsibilities:

  • Design, develop, and maintain Lob's core security protocols, policies, and services
  • Present findings and explain impact and solutions to any level of leadership and other engineers
  • Build out a comprehensive security roadmap
  • Ensure compliance against relevant industry security standards
  • Perform regular audits and patch vulnerabilities
  • Evangelize and educate security best practices across the company
  • Participate in the design of new services and infrastructure
  • Create proper automation and monitoring to enforce security policies and detect threats
  • Attract, hire and develop security talent

Qualifications

  • Proven work experience as a software security engineer
  • 7+ years of proven security experience with 3+ years in leadership roles, preferably in an environment where data / systems are in the cloud.
  • Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation
  • Software development experience in one of the following core languages and/or frameworks: Java, Kotlin, (micronaute, springboot) Python, Javascript (Angular, React, Next etc.) and native Mobile software development Android, IoS (Swift, ObjectC) etc.
  • Experience managing security and partnering with internal/external stakeholders in a high-consequence environments where critical customer/partner data is at stake.
  • Proven experience as a hiring manager and team-builder, leading and motivating cross-functional initiatives, and strong partnership with recruiting.
  • Thorough understanding of the current threat and attack landscape, latest security trends and principles.
  • Demonstrated ability to effectively communicate complex security technology matters in an easy-to-understand manner to executives, teams and individual contributors across the organization.
  • Experience designing/implementing controls to meet regulatory frameworks such as ISO 27001, SOC 2, GDPR, etc.

Advanced skills and knowledge of the following Technical Security and Security Engineering Topics preferred:
SOC & CC

  • Security Event Information Management (SEIM)
  • Physical Security Information Management (PSIM)
  • Central Monitoring Station (CMS)
  • Emergency Communication Systems (ECS)
  • Integrated Platform Design & Architecture

ACCESS CONTROL

  • Physical Identity Access Management (PIAM)
  • Physical Access Control Systems (PACS)
  • Visitor Management Systems (VMS)
  • Digital & Analog Platform Topologies
  • Access Control Devices & Equipment

VIDEO SURVEILLANCE

  • Video Management Systems (VMS)
  • Closed-circuit Television Systems (CCTV)
  • Video Content Analysis Systems (VCA)
  • Digital & Analog Platform Topologies
  • Video Surveillance Devices & Equipment

INTRUSION DETECTION

  • Alarm Monitoring Systems (AMS)
  • Physical Intrusion Detection Systems (IDS)
  • Digital & Analog Platform Topologies
  • Intrusion Detection Devices & Equipment

THREAT PREVENTION

  • Technical Surveillance Countermeasures (TSCM)
  • Cryptographic Key Management Systems (CKMS)
  • Facial Recognition Systems
  • Fingerprint Authentication Systems
  • Iris Recognition System
  • Insider Threat Monitoring Systems
  • Adversary Emulation Devices & Equipment

SECURITY INDUSTRY

  • Marketing & Distribution Channels
  • OEMs
  • Security System Manufacturers
  • Distributors (Suppliers/Co-Ops )
  • System Integrators (VARs/Dealers)
  • Security Managers (End users)
  • Professional Associations