Taguig, Manila, PH
64 days ago
Security Test Engineer/Infosec Analyst

Responsibilities include:

Build effective relations and engage in business security activities like vulnerabilities assessment, engage in third party penetration tests, DAST, SAST, security testing. Lead the responses for the information security RFI/RFPs for various applications. Provide feedback on security contracts and client audits.  Support annual Segment self-assessment working with senior leadership in the team. Track the compliance with information security strategies when migrating applications into a cloud environment. Work with development and internal IT teams to ensure compliance to WTW security standards.  Manage and oversee ad hoc projects related to enhancing information and data security controls for business to meet compliance. Implement, test and operate advanced software security tools and techniques. Maintain technical documentation. Collaborate with other development teams to ensure that Security Testing activities provide the highest benefits. Help security/infosec move towards left in SDLC.

The Requirements

Expert understanding of all aspects of information security principles, policy and its application in business and technology areas (at least 2 years of experience).2+ years prior hands-on experience in a Security Engineer/Security Tester/Information Security Analyst role. Experienced in security testing and understanding of information security concepts for cloud-based applications. Hands-on manual web application testing experience with industry standard tools (eg. Kali Linux or similar)Experience working in cross-functional virtual teamsEffective communication and documentation skillsExperience with client or internal stakeholder communication with respect to security assessments, controls, supporting client audit activities, third party penetration test etc.Client focus: ability to engage positively with WTW clients and business stakeholders. Proficient in the use of security testing tools for SAST, DAST, SCA, security testing etc. (eg. - Netsparker, Checkmarx, CredScan, Burp Suite, OWASP ZAP, Qualys, etc.)Interest in all aspects of security research and development and assist in recommending testing tools for the team.Bachelor’s Degree in Computer Science, Engineering, Information Systems, or related field; Experience with testing products on any of the following technology: C#, SQL, Angular, jQuery, web services or similar.

Equal Opportunity Employer

Confirm your E-mail: Send Email