Assistant Information Security Manager
You should ideally;
- possess a degree/full professional qualification in the field of Information Security or Computer Technology. Willingness to pursue CISSP, CISM, GIAC, Offensive Security or CSXP within a defined time frame if already not completed.
- possess 3 years of post qualifying experience in Information / Cyber Security, Technology Control Audit or Security Architecture review including a minimum of one year professional experience in web and mobile application security, penetration testing, vulnerability and impact assessment
- possess exposure to web and mobile application security, penetration testing, vulnerability and impact assessment.
- have a fair knowledge of common security requirements within ASP.NET & Java applications and Cyber Security risk management.
- have a strong understanding of the technology implications and regulations of security standards such as BSS, ISO 27001, CBSL Payment Related Mobile Application Guidelines, OWASP top 10 and PCI-DSS.
You will be responsible for;
- identifying weaknesses and vulnerabilities that affect the confidentiality, integrity and availability of corporate information and systems.
- discovery of threats by using static and dynamic analysis tools.
- ensuring that security concerns are addressed during system implementations and work closely with system deployment teams to pen test new features within business applications.
- conducting security assessments against web & mobile applications and APIs across a variety of technology stacks.
Please apply via e-mail by sending a DFCC Bank application form which could be downloaded from our website to firstname.lastname@example.org with the post applied for in the subject by 7 March 2019.
Canvassing in any form will result in disqualification.
Correspondence will only be with the short-listed candidates.
Vice President (Human Resources)
DFCC Bank PLC, 73/5 Galle Road, Colombo 03
website – www.dfcc.lk