欲随时了解新空缺职位
    加入我们的人才交流群

    Security Test Engineer/Infosec Analyst

    Philippines. Taguig, Metro Manila, Philippines

    Security Test Engineer/Infosec Analyst

    • 202406901
    • Philippines
    • Taguig, Metro Manila, Philippines
    • Closing on: Jan 23 2025

    Description

    Responsibilities include:

    • Build effective relations and engage in business security activities like vulnerabilities assessment, engage in third party penetration tests, DAST, SAST, security testing.
    • Lead the responses for the information security RFI/RFPs for various applications.
    • Provide feedback on security contracts and client audits. 
    • Support annual Segment self-assessment working with senior leadership in the team.
    • Track the compliance with information security strategies when migrating applications into a cloud environment. Work with development and internal IT teams to ensure compliance to WTW security standards. 
    • Manage and oversee ad hoc projects related to enhancing information and data security controls for business to meet compliance.
    • Implement, test and operate advanced software security tools and techniques. Maintain technical documentation.
    • Collaborate with other development teams to ensure that Security Testing activities provide the highest benefits. Help security/infosec move towards left in SDLC.

    Qualifications

    The Requirements

    • Expert understanding of all aspects of information security principles, policy and its application in business and technology areas (at least 2 years of experience).
    • 2+ years prior hands-on experience in a Security Engineer/Security Tester/Information Security Analyst role. 
    • Experienced in security testing and understanding of information security concepts for cloud-based applications. 
    • Hands-on manual web application testing experience with industry standard tools (eg. Kali Linux or similar)
    • Experience working in cross-functional virtual teams
    • Effective communication and documentation skills
    • Experience with client or internal stakeholder communication with respect to security assessments, controls, supporting client audit activities, third party penetration test etc.
    • Client focus: ability to engage positively with WTW clients and business stakeholders. 
    • Proficient in the use of security testing tools for SAST, DAST, SCA, security testing etc. (eg. - Netsparker, Checkmarx, CredScan, Burp Suite, OWASP ZAP, Qualys, etc.)
    • Interest in all aspects of security research and development and assist in recommending testing tools for the team.
    • Bachelor’s Degree in Computer Science, Engineering, Information Systems, or related field; 
    • Experience with testing products on any of the following technology: C#, SQL, Angular, jQuery, web services or similar.

    Equal Opportunity Employer

    Apply Now

    不是你?

    谢谢

    自主投递说明

    自主投至韦莱韬悦公司网站或员工企业邮箱的个人简历或申请人档案将视为归韦莱韬悦所有,我们无需为此向代理招聘机构支付费用。韦莱韬悦授权的代理招聘机构或猎头公司须持经由韦莱韬悦授权招聘官签署的有效正式书面合同,且须仍与韦莱韬悦保持合作关系。简历须按照我们的申请人提交流程进行提交,包括针对特殊招聘提交的简历。代理招聘机构或公司如不按申请流程提交简历,韦莱韬悦将不会为此支付招聘费用。韦莱韬悦提倡公平招聘。如您希望我们保存您的联系信息,以备日后有合适机会时与您联系,请发送邮件至:Agency.inquiries@willistowerswatson.com

    我们的机构

    我们的同事遍及全球140多个国家及市场。我们的业务已基本全面实现国际化,为协作与发展创造了绝佳机遇。查看以下地图,了解韦莱韬悦可以在哪里为您提供机遇。

    认识我们的员工