IT Security Officer

Proactively monitors and assesses the security levels of IT applications developed and/or maintained by the IT Hub in India (Chennai) and in Singapore.

Participate to IT project reviews conducted both on a global and local basis across all platforms. This requires the incumbent to foster close working relationships with other business areas and IT Development/Production teams.

Main Responsibilities:

• Working with business application project teams to ensure IT security compliance with group, business line or territory policies
• IT Security risk assessment of business application projects
• Contributing to IT security-related architecture committees 
• Keeping records of security inventories such as security risk assessment files, security cartography, application inventory, etc
• Coordination with IT teams and other security teams at the project level
• Periodic reporting of security status to IT Security Domain Head
• Source-code review on critical applications in Security

Functional knowledge

• Good understanding of various banking business domains -

Technical skills

• Network protocols and network connectivity concepts; Firewall and Internet technologies - Deep Knowledge
• Secure application design and architecture principles - Deep Knowledge
• Secure access control mechanisms: Encryption and Key Management techniques - Deep Knowledge
• Various Operating Systems and Databases - Deep Knowledge
• Knowledge of understanding digital transformation and mobile technologies and Cloud - Deep Knowledge
• Knowledge of emerging technologies - Good
• Knowhow of ASIA regulatory requirements - Good
• IT Security Risk Assessment and Risk Management - Good
• Knowledge of security principles like, security by design - Good
• Knowledge in technologies like OAuth, Single Sign On, API based approach, TDD, BDD - Good

Qualifications and Experience :

• Extended knowledge of IT Security concepts.
• Experience in the IT industry with a strong background in computer operations, software development, and network administration.
• Knowledge in Project Management.
• Must be able to handle customers in a confident, positive and responsive manner.
• To know how to define an action plan and to follow up on progress.
• To be organized and meticulous.
• Good communication, technical writing/diagramming skills.
• Must be motivated, and able to work independently as well as part of a team.
• Must demonstrate ethical responsibility, maturity, and discretion.

Other Value-added Competencies :

• Experience in banking application development environments is a plus