Application Cyber Security Officer
AXA
Application Cyber Security Officer
Job Description
Job ID: 250005GQ
Entity: AXA Asian Market
Job Purpose:
The Application Cyber Security Officer is responsible in assisting the IT Operations and Security Head in the effective implementation of Information Security program and mandate to ensure the confidentiality, integrity, and availability of AXA Philippines’ corporate information assets with focus on applications.
Key Accountabilities:
Enforce Security by Design on all phases of Software Development Life Cycle.
Monitor and validate progress on the remediation implemented to address outstanding issues/vulnerabilities
Manages internal and external VAPT engagements conducted by external vendor. Ensures closure of audit finding.
Review result and methodology from vulnerability scan and penetration test conducted by vendor
Perform manual or automated tests to validate remediation
Perform technical and security reviews on assets impacting operations of applications
Work with internal teams to resolve security findings on applications
Take the corrective action needed to meet the standards required by security policy, procedures, network architectures and software design
Promote security awareness program on secure coding and systems development life cycle
Other tasks or duties that may be assigned in line with the Information Security Program
Key Customers:
Local Users of AXA applications
IT Service Delivery Team and Solution Delivery Teams
Business owners and Product owners
Vendors
Auditors
Regional/Group Security
Dev team
Working Relationships within Business Unit:
Work with CSO, CIO, IT Operations and Security Head, IT Security Director and Group Operations Security Leaders to gain a clear understanding on the overall corporate direction with regards to security initiatives and control implementation.
Work with regional and local IT team heads to ensure they carry out the planned actions and projects to mitigate IT security risks.
Work with business department heads to ensure that security is taken into consideration and implement the required actions that fall within the business area.
Work with Regional/Group audit team for Pen test report
Coordinates with the application developers and owners for remediation
Qualifications:
University degree in Computer Science or related fields.
Knowledge of software designs and how to secure them
Knowledgeable in VAPT tools
Knowledge in analyzing and securing web and API / application designs
Experience in application security / assurance testing
Knowledgeable in Top 10 OWASP
Ability to audit vulnerabilities and mitigate risks
Background in managing and protecting systems against threats
Experience:
A minimum of two-year experience either a combination of the following field of Information Security, Technology Risk, or IT Audit.
Able to develop a clear understanding of clients and customers’ technology needs.
Understand the linkage between information technology and business value.
Conversant and knowledgeable on the latest technology innovations and possibilities, understanding how key technologies can help address security issues.
Strong ability to prioritize to achieve target dates.
Possesses excellent verbal and written communication and presentation skills in English.
Optional/Good to Have:
Knowledgeable in ISO standards 27001/27002 is a plus
CompTIA PenTest+, CISSP, CISA, CEH, GCIH or GPEN certification would be a plus
Understand technologies and issues on systems reliability, security, and disaster recovery
Please visit www.axa.com.ph/careers for more information.
A global leader in insurance and investments, AXA takes care of 103 million lives in 64 countries worldwide. We actively invest in pioneering and personalized solutions to meet your ever-changing needs and exceed your expectations. In the Philippines, we are in partnership with Metrobank, one of the country's strongest banks.
Established in 1999, AXA Philippines is one of the largest and fastest growing life insurance companies in the country. It offers financial security to more than one million individuals through its group and individual life insurance as well as general insurance products through its subsidiary Charter Ping An.
AXA Philippines is one of the first to introduce bancassurance operations in the country, and is among the pioneers in the investment-linked insurance sector.
AXA now offers a complete range of products for all its customers’ insurance and financial protection needs, including savings and investments, health plans, income protection, and health coverage; and through its general insurance subsidiary Charter Ping An Insurance Corporation: fire, motor car, marine cargo, personal accident, bonds, casualty, and engineering insurance products.
AXA Philippines closed 2017 with P26.4 billion in total premium income and P5.7 billion in gross written premiums from Charter Ping An. Today, AXA has more than 4,000 financial advisers in 36 branches, and 700 financial executives in over 900 Metrobank and PSBank branches nationwide. Charter Ping An, on the other hand, has 22 branches nationwide and 2,007 agents.
AXA Philippines is a joint venture between the AXA Group, headquartered in France, and the Metrobank Group, one of the largest financial conglomerates in the Philippines.
The Metrobank Group is a conglomerate of industry-leading businesses that includes First Metro Investment Corporation, Metrobank Credit Cards, Federal Land, Toyota, and Manila Doctors Hospital. It was hailed Best Bank in the Philippines in 2010, 2011, and 2012 by Euromoney and recognized as the strongest bank in the Philippines by The Asian Banker in 2013. It is owned by the Ty Family whose major business interests include financial services, real estate development, power, and manufacturing.
Locations
- MAKATI CITY, Philippines 1226
Salary
900,000 - 1,500,000 PHP / yearly
Skills Required
- Knowledge of software designs and how to secure themintermediate
- Knowledgeable in VAPT toolsintermediate
- Knowledge in analyzing and securing web and API / application designsintermediate
- Experience in application security / assurance testingintermediate
- Knowledgeable in Top 10 OWASPintermediate
- Ability to audit vulnerabilities and mitigate risksintermediate
- Background in managing and protecting systems against threatsintermediate
- Excellent verbal and written communication and presentation skills in Englishintermediate
Required Qualifications
- University degree in Computer Science or related fields. (experience)
- Knowledge of software designs and how to secure them (experience)
- Knowledgeable in VAPT tools (experience)
- Knowledge in analyzing and securing web and API / application designs (experience)
- Experience in application security / assurance testing (experience)
- Knowledgeable in Top 10 OWASP (experience)
- Ability to audit vulnerabilities and mitigate risks (experience)
- Background in managing and protecting systems against threats (experience)
- A minimum of two-year experience either a combination of the following field of Information Security, Technology Risk, or IT Audit. (experience)
- Able to develop a clear understanding of clients and customers’ technology needs. (experience)
- Understand the linkage between information technology and business value. (experience)
- Conversant and knowledgeable on the latest technology innovations and possibilities, understanding how key technologies can help address security issues. (experience)
- Strong ability to prioritize to achieve target dates. (experience)
- Possesses excellent verbal and written communication and presentation skills in English. (experience)
Preferred Qualifications
- Knowledgeable in ISO standards 27001/27002 is a plus (experience)
- CompTIA PenTest +, CISSP, CISA, CEH, GCIH or GPEN certification would be a plus (experience)
- Understand technologies and issues on systems reliability, security, and disaster recovery (experience)
Responsibilities
- Enforce Security by Design on all phases of Software Development Life Cycle.
- Monitor and validate progress on the remediation implemented to address outstanding issues/vulnerabilities
- Manages internal and external VAPT engagements conducted by external vendor. Ensures closure of audit finding.
- Review result and methodology from vulnerability scan and penetration test conducted by vendor
- Perform manual or automated tests to validate remediation
- Perform technical and security reviews on assets impacting operations of applications
- Work with internal teams to resolve security findings on applications
- Take the corrective action needed to meet the standards required by security policy, procedures, network architectures and software design
- Promote security awareness program on secure coding and systems development life cycle
- Other tasks or duties that may be assigned in line with the Information Security Program
Benefits
- general: Competitive salary
- general: Health insurance
- general: Professional development opportunities
- general: Partnership with Metrobank
Answer 10 quick questions to check your fit for Application Cyber Security Officer @ AXA.
Related Books and Jobs
Application Cyber Security Officer
AXA
Application Cyber Security Officer
Job Description
Job ID: 250005GQ
Entity: AXA Asian Market
Job Purpose:
The Application Cyber Security Officer is responsible in assisting the IT Operations and Security Head in the effective implementation of Information Security program and mandate to ensure the confidentiality, integrity, and availability of AXA Philippines’ corporate information assets with focus on applications.
Key Accountabilities:
Enforce Security by Design on all phases of Software Development Life Cycle.
Monitor and validate progress on the remediation implemented to address outstanding issues/vulnerabilities
Manages internal and external VAPT engagements conducted by external vendor. Ensures closure of audit finding.
Review result and methodology from vulnerability scan and penetration test conducted by vendor
Perform manual or automated tests to validate remediation
Perform technical and security reviews on assets impacting operations of applications
Work with internal teams to resolve security findings on applications
Take the corrective action needed to meet the standards required by security policy, procedures, network architectures and software design
Promote security awareness program on secure coding and systems development life cycle
Other tasks or duties that may be assigned in line with the Information Security Program
Key Customers:
Local Users of AXA applications
IT Service Delivery Team and Solution Delivery Teams
Business owners and Product owners
Vendors
Auditors
Regional/Group Security
Dev team
Working Relationships within Business Unit:
Work with CSO, CIO, IT Operations and Security Head, IT Security Director and Group Operations Security Leaders to gain a clear understanding on the overall corporate direction with regards to security initiatives and control implementation.
Work with regional and local IT team heads to ensure they carry out the planned actions and projects to mitigate IT security risks.
Work with business department heads to ensure that security is taken into consideration and implement the required actions that fall within the business area.
Work with Regional/Group audit team for Pen test report
Coordinates with the application developers and owners for remediation
Qualifications:
University degree in Computer Science or related fields.
Knowledge of software designs and how to secure them
Knowledgeable in VAPT tools
Knowledge in analyzing and securing web and API / application designs
Experience in application security / assurance testing
Knowledgeable in Top 10 OWASP
Ability to audit vulnerabilities and mitigate risks
Background in managing and protecting systems against threats
Experience:
A minimum of two-year experience either a combination of the following field of Information Security, Technology Risk, or IT Audit.
Able to develop a clear understanding of clients and customers’ technology needs.
Understand the linkage between information technology and business value.
Conversant and knowledgeable on the latest technology innovations and possibilities, understanding how key technologies can help address security issues.
Strong ability to prioritize to achieve target dates.
Possesses excellent verbal and written communication and presentation skills in English.
Optional/Good to Have:
Knowledgeable in ISO standards 27001/27002 is a plus
CompTIA PenTest+, CISSP, CISA, CEH, GCIH or GPEN certification would be a plus
Understand technologies and issues on systems reliability, security, and disaster recovery
Please visit www.axa.com.ph/careers for more information.
A global leader in insurance and investments, AXA takes care of 103 million lives in 64 countries worldwide. We actively invest in pioneering and personalized solutions to meet your ever-changing needs and exceed your expectations. In the Philippines, we are in partnership with Metrobank, one of the country's strongest banks.
Established in 1999, AXA Philippines is one of the largest and fastest growing life insurance companies in the country. It offers financial security to more than one million individuals through its group and individual life insurance as well as general insurance products through its subsidiary Charter Ping An.
AXA Philippines is one of the first to introduce bancassurance operations in the country, and is among the pioneers in the investment-linked insurance sector.
AXA now offers a complete range of products for all its customers’ insurance and financial protection needs, including savings and investments, health plans, income protection, and health coverage; and through its general insurance subsidiary Charter Ping An Insurance Corporation: fire, motor car, marine cargo, personal accident, bonds, casualty, and engineering insurance products.
AXA Philippines closed 2017 with P26.4 billion in total premium income and P5.7 billion in gross written premiums from Charter Ping An. Today, AXA has more than 4,000 financial advisers in 36 branches, and 700 financial executives in over 900 Metrobank and PSBank branches nationwide. Charter Ping An, on the other hand, has 22 branches nationwide and 2,007 agents.
AXA Philippines is a joint venture between the AXA Group, headquartered in France, and the Metrobank Group, one of the largest financial conglomerates in the Philippines.
The Metrobank Group is a conglomerate of industry-leading businesses that includes First Metro Investment Corporation, Metrobank Credit Cards, Federal Land, Toyota, and Manila Doctors Hospital. It was hailed Best Bank in the Philippines in 2010, 2011, and 2012 by Euromoney and recognized as the strongest bank in the Philippines by The Asian Banker in 2013. It is owned by the Ty Family whose major business interests include financial services, real estate development, power, and manufacturing.
Locations
- MAKATI CITY, Philippines 1226
Salary
900,000 - 1,500,000 PHP / yearly
Skills Required
- Knowledge of software designs and how to secure themintermediate
- Knowledgeable in VAPT toolsintermediate
- Knowledge in analyzing and securing web and API / application designsintermediate
- Experience in application security / assurance testingintermediate
- Knowledgeable in Top 10 OWASPintermediate
- Ability to audit vulnerabilities and mitigate risksintermediate
- Background in managing and protecting systems against threatsintermediate
- Excellent verbal and written communication and presentation skills in Englishintermediate
Required Qualifications
- University degree in Computer Science or related fields. (experience)
- Knowledge of software designs and how to secure them (experience)
- Knowledgeable in VAPT tools (experience)
- Knowledge in analyzing and securing web and API / application designs (experience)
- Experience in application security / assurance testing (experience)
- Knowledgeable in Top 10 OWASP (experience)
- Ability to audit vulnerabilities and mitigate risks (experience)
- Background in managing and protecting systems against threats (experience)
- A minimum of two-year experience either a combination of the following field of Information Security, Technology Risk, or IT Audit. (experience)
- Able to develop a clear understanding of clients and customers’ technology needs. (experience)
- Understand the linkage between information technology and business value. (experience)
- Conversant and knowledgeable on the latest technology innovations and possibilities, understanding how key technologies can help address security issues. (experience)
- Strong ability to prioritize to achieve target dates. (experience)
- Possesses excellent verbal and written communication and presentation skills in English. (experience)
Preferred Qualifications
- Knowledgeable in ISO standards 27001/27002 is a plus (experience)
- CompTIA PenTest +, CISSP, CISA, CEH, GCIH or GPEN certification would be a plus (experience)
- Understand technologies and issues on systems reliability, security, and disaster recovery (experience)
Responsibilities
- Enforce Security by Design on all phases of Software Development Life Cycle.
- Monitor and validate progress on the remediation implemented to address outstanding issues/vulnerabilities
- Manages internal and external VAPT engagements conducted by external vendor. Ensures closure of audit finding.
- Review result and methodology from vulnerability scan and penetration test conducted by vendor
- Perform manual or automated tests to validate remediation
- Perform technical and security reviews on assets impacting operations of applications
- Work with internal teams to resolve security findings on applications
- Take the corrective action needed to meet the standards required by security policy, procedures, network architectures and software design
- Promote security awareness program on secure coding and systems development life cycle
- Other tasks or duties that may be assigned in line with the Information Security Program
Benefits
- general: Competitive salary
- general: Health insurance
- general: Professional development opportunities
- general: Partnership with Metrobank
Answer 10 quick questions to check your fit for Application Cyber Security Officer @ AXA.
Related Books and Jobs