Job Description
The Monetary Authority of Singapore (MAS) is seeking a highly skilled GRC Application Security Specialist to strengthen our cybersecurity defenses and governance frameworks. In this contract role, you will be instrumental in developing robust IT risk governance strategies and enhancing the security posture of our critical financial systems. You will act as a key liaison between technical engineering teams and regulatory bodies, ensuring that MAS remains at the forefront of fintech security innovation. This position offers a unique opportunity to influence national cybersecurity standards while working in a dynamic, high-stakes environment.
As a GRC Application Security Specialist, you will drive the adoption of best-in-class security practices, manage security risks associated with new and existing applications, and ensure compliance with Singapore's stringent regulatory requirements. If you are a strategic thinker with deep technical expertise in application security and a passion for safeguarding the nation's financial infrastructure, we invite you to apply.
Responsibilities
- Lead the governance, risk, and compliance (GRC) initiatives specifically focused on application security across the Monetary Authority of Singapore.
- Conduct comprehensive application security assessments, including code reviews, threat modeling, and penetration testing, to identify vulnerabilities in software development.
- Manage the vulnerability management lifecycle, ensuring timely remediation and tracking of security issues within the MAS IT ecosystem.
- Collaborate with software development teams to integrate security controls into the Secure Software Development Life Cycle (SDLC).
- Develop and maintain policies and procedures for application security, ensuring alignment with ISO 27001, NIST, and MAS cybersecurity standards.
- Perform security reviews of third-party software and services to assess risk and ensure compliance with contractual obligations.
- Report on security incidents, risks, and compliance status to senior management and regulatory stakeholders.
Qualifications
- Bachelor’s degree in Computer Science, Information Security, Information Technology, or a related technical field.
- Minimum of 5-7 years of proven experience in Application Security, GRC, or IT Risk Management, preferably within the financial services sector.
- Strong working knowledge of cybersecurity frameworks such as NIST CSF, ISO 27001, and MAS Cybersecurity Code of Practice.
- Proficiency in using security tools (e.g., DAST, SAST, SCA tools) and scripting languages (e.g., Python, Java, JavaScript).
- Deep understanding of the OWASP Top 10 vulnerabilities and secure coding principles.
- Excellent analytical and problem-solving skills with the ability to translate complex technical risks into clear business implications.
- Strong interpersonal and communication skills, with the ability to influence cross-functional teams and senior stakeholders.