Technical Security Assurance Manager (L1)
Description
One of the world's largest insurance companies is looking for a talented and strong Technical Security Assurance Manager with in-depth understanding of application security best practices, industry standards, and regulatory requirements (e.g., PCI DSS, HIPAA, GDPR).
Responsibilities
- Lead and manage a team of application security professionals, providing guidance, mentoring, and support in the execution of their responsibilities
- Develop and implement a comprehensive application security strategy and roadmap to protect our applications, systems, and networks
- Conduct regular security assessments and penetration testing of applications, identifying vulnerabilities and potential risks
- Collaborate with development teams to integrate secure coding practices and security controls into the software development life cycle (SDLC)
- Perform code reviews and security testing to identify and remediate security vulnerabilities in applications
- Support the development and delivery of application security training and awareness programs
- Collaborate with stakeholders across the organization, including developers, system administrators, and project managers, to ensure the effective implementation of security controls
- Develop and maintain security policies, standards, and procedures related to application security
- Review and approve application security review requests for network and application exceptions and risks
- Prepare and present regular reports and metrics on the state of application security to senior management and stakeholders
【Company Details】
Our client is one of the world's largest insurance and financial groups, trusted by over 50 million customers. The company provides various financial protections, including general insurance, life insurance, retirement funds, and inheritance, throughout the lifetime of individual customers, small businesses, and large companies.
【Working Hours】
9:00-18:00 (Mon-Fri)
Hybrid Remote (Office & WFH)
【Holidays】
Saturday, Sunday, and National Holidays, Year-end and New Year Holidays, Paid Holidays, Other Special Holidays
【Services / Benefits】
Social insurance, Transportation Fee, No smoking indoors (Designated smoking area), etc.
Required Skills
- Proven experience in application security, including hands-on experience with secure coding, vulnerability assessments, and penetration testing
- Strong knowledge of web application security vulnerabilities (OWASP Top 10) and associated mitigation techniques
- In-depth understanding of application security best practices, industry standards, and regulatory requirements (e.g., PCI DSS, HIPAA, GDPR)
- Experience in leading and managing a team of security professionals, providing guidance and support in a dynamic environment
- Proficiency in security assessment tools and techniques, such as static analysis, dynamic analysis, and manual code reviews
- Strong communication and interpersonal skills, with the ability to communicate complex security concepts to technical and non-technical stakeholders