EY Application Security Engineer (DevSecOps), Advisory, Singapore in Singapore, Singapore

Application Security Engineer (DevSecOps), Advisory, Singapore


Requisition # SIN003XM

Post Date Jun 06, 2018

Our clients are faced with external pressures on an unprecedented scale. The ability to translate strategy into reality is key to their enhanced business performance. As an advisory professional, you will be focused on helping them achieve this goal.

The opportunity

You’ll work in high-performing teams that deliver exceptional client service, enabling organizations to grow, innovate, protect and optimize their business performance – playing your part in building a better working world.

We believe that you should own and shape your career. But we’ll provide the support and opportunities to develop the skills, knowledge and experience to succeed. The strength of our global network, combined with local empowerment and a relentless focus on winning in specific markets, means you’ll interact and team with individuals from various geographies and sectors. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

Your key responsibilities

As an Application Security Engineer, you will assist our clients with defining, rolling out and implementing DevSecOps within their processes, teams and tooling. This is a role where you will aim to embed security in every part of the development process, leveraging automated tools and workflows within the CI/CD release process.

Skills and attributes for success

  • Define DevSecOps implementation strategies tailored to the client’s needs, engaging with the various takeholders

  • Evaluate and analyze threat, vulnerability, impact and risk to security issues discovered from security assessments

  • Advise clients on the security issues, including explanation on the technical details and how they can remediate the vulnerabilities in their applications

  • Perform source code reviews using SAST

  • Assist with implementing and designing automated security checks within the CI/CD

  • Analyze penetration testing reports and provide a mitigation strategy to prevent the issue from occurring in the first place (left shifting)

  • Consistently deliver quality client services and manage expectations of client service delivery.

  • Drive high-quality work products within expected timeframes and on budget.

  • Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes.

  • Stay abreast of current business and industry trends relevant to the client's business.

  • Develop and maintain long-term relationships and networks with clients and internal EY stakeholders

  • Demonstrate deep technical capabilities and professional knowledge.

  • Possess in depth business acumen and demonstrate ability to quickly assimilate to new knowledge.

  • Review and Assess controls associated with Operational Technologies and IoT (Internet of Things) security

  • Remain current on new developments in advisory services capabilities and industry knowledge.

To qualify for the role you must have

  • A recognized university degree in Computer Science, Computer/Electrical Engineering, Information Technology or equivalent

  • Have at least one year of relevant working experience in a release management or development job

  • Knowledge in application security testing

  • Knowledge in understanding of Agile, Waterfall, DevOps, infrastructure as code

  • Able to program or script

  • Strong interest in the field of information security

  • Creative, independent with good problem solving skills

  • Strong analytical, interpersonal, communication and writing skills

  • Willingness to travel on overseas assignment as the need arises

Ideally, you’ll also have

  • Professional certifications such as CSSLP, SCRUM, Fortify Certification

  • Experience with cloud platforms such as AWS, Azure or OpenShift

What we look for

Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry. An effective communicator, you’ll be a confident team player that collaborates with people from various teams while looking to develop your career in a dynamic organization.

What working at EY offers

We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. We also offer you:

  • Support, coaching and feedback from some of the most engaging colleagues around

  • Opportunities to develop new skills and progress your career

  • The freedom and flexibility to handle your role in a way that’s right for you

About EY

As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Join us in building a better working world. Apply now.