Our client, one of the biggest technology companies in Asia, is seeking a highly skilled Cyber Security Lead to lead a team of application security professionals responsible for protecting their technology and application. You will work at the intersection of cybersecurity and development teams to ensure robust security standards are in place.
In this role, you will get to:
Lead Product Security Initiatives
Define and enforce security standards within product development, ensuring that products and services meet high security benchmarks.
Collaborate with cross-functional teams to integrate security protocols and processes within the software development lifecycle.
Establish and maintain security tools and best practices, protecting user data, corporate assets, and intellectual property.
Develop and Implement Security Solutions
Design and build scalable security frameworks that address specific threats, balancing off-the-shelf tools with custom solutions to tackle unique challenges.
Integrate automated security measures into CI/CD pipelines, enabling rapid and secure product releases.
Evaluate and implement new technologies and methodologies to strengthen the security posture across product lines.
Cultivate a Security-Driven Culture
Mentor and guide a team of 4-5 security engineers, fostering continuous learning and proactive risk mitigation.
Promote secure coding practices and provide technical leadership in secure architecture design.
Work closely with the engineering teams to embed a culture of security awareness and best practices throughout the organization.
You'll be successful if you have:
At least 10 years in product security
Demonstrated experience as a team leader, capable of motivating, guiding, and developing security professionals.
Comprehensive knowledge of security vulnerabilities, including OWASP Top 10, SANS Top 25, and CWE, along with experience addressing business logic issues (e.g., IDOR, price manipulation).
Up-to-date awareness of emerging threats, such as DDoS, ransomware, and supply chain attacks, and the ability to implement strategies to counter these risks.
Practical experience in software development (SSDLC), with hands-on proficiency in security testing and application frameworks.
A collaborative and solutions-oriented approach, with excellent communication skills to engage with both technical teams and senior stakeholders.
