EY Application Security Engineer (DevSecOps), Advisory, Singapore in Singapore, Singapore
Application Security Engineer (DevSecOps), Advisory, Singapore
Requisition # SIN003XM
Post Date Jun 06, 2018
Our clients are faced with external pressures on an unprecedented scale. The ability to translate strategy into reality is key to their enhanced business performance. As an advisory professional, you will be focused on helping them achieve this goal.
You’ll work in high-performing teams that deliver exceptional client service, enabling organizations to grow, innovate, protect and optimize their business performance – playing your part in building a better working world.
We believe that you should own and shape your career. But we’ll provide the support and opportunities to develop the skills, knowledge and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you’ll interact and team with individuals from various geographies and sectors. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
Your key responsibilities
As an Application Security Engineer, you will assist our clients with defining, rolling out and implementing DevSecOps within their processes, teams and tooling. This is a role where you will aim to embed security in every part of the development process, leveraging automated tools and workflows within the CI/CD release process.
Skills and attributes for success
Define DevSecOps implementation strategies tailored to the client’s needs, engaging with the various takeholders
Evaluate and analyze threat, vulnerability, impact and risk to security issues discovered from security assessments
Advise clients on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in their applications
Perform source code reviews using SAST
Assist with implementing and designing automated security checks within the CI/CD
Analyze penetration testing reports and provide a mitigation strategy to prevent the issue from occurring in the first place (left shifting)
Consistently deliver quality client services and manage expectations of client service delivery.
Drive high-quality work products within expected timeframes and on budget.
Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes.
Stay abreast of current business and industry trends relevant to the client's business.
Develop and maintain long-term relationships and networks with clients and internal EY stakeholders
Demonstrate deep technical capabilities and professional knowledge.
Possess in depth business acumen and demonstrate ability to quickly assimilate to new knowledge.
Review and Assess controls associated with Operational Technologies and IoT (Internet of Things) security
Remain current on new developments in advisory services capabilities and industry knowledge.
To qualify for the role you must have
A recognized university degree in Computer Science, Computer/Electrical Engineering, Information Technology or equivalent
Have at least one year of relevant working experience in a release management or development job
Knowledge in application security testing
Knowledge in understanding of Agile, Waterfall, DevOps, infrastructure as code
Able to program or script
Strong interest in the field of information security
Creative, independent with good problem solving skills
Strong analytical, interpersonal, communication and writing skills
Willingness to travel on overseas assignment as the need arises
Ideally, you’ll also have
Professional certifications such as CSSLP, SCRUM, Fortify Certification
Experience with cloud platforms such as AWS, Azure or OpenShift
What we look for
Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry. An effective communicator, you’ll be a confident team player that collaborates with people from various teams while looking to develop your career in a dynamic organization.
What working at EY offers
We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. We also offer you:
Support, coaching and feedback from some of the most engaging colleagues around
Opportunities to develop new skills and progress your career
The freedom and flexibility to handle your role in a way that’s right for you
As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.
Join us in building a better working world. Apply now.