Applications Security Manager
Would you like to be part of the most international company in the world? A company operating in more than 220 countries worldwide, and has been pioneering cross-border express shipping since 1969. Would you like to be part of a business that connects people across the globe? And the more we connect, the better life on Earth becomes. Do you want to make a difference? If you have answered Yes! to the above, join our Insanely Customer-Centric team now! For more information on DHL Express, please visit workingatdhl.com.
DHL Express Global Head Office has an opening, Applications Security Manager to be based in Singapore. The Applications Security Manager is responsible to provide functional input for the Application Security framework, ensuring the development and management of application security policies, standards and regulations, best practice guidelines and support tools is in line with the Deutsche Post DHL security policies and DHL Express IT strategy, ensuring implementation of fit for purpose application security program globally.
The role is part of the Global Business IT team (Cyber Security) in DHL Express Global Head Office. The role will be based in Singapore.
In this role, you will:
• Define implementation needs for security in all projects and drive implementation globally.
• Drive global awareness trainings and implementation of the Enterprise Global Application Platform Security Seal standard.
• Provide regular reporting to Chief Information Security Officer and IT Executive Committee to ensure appropriate visibility to existing and new application vulnerabilities.
• Ensure appropriate risk mitigation actions and plans are developed by Business IT team, IT Services team and its IT service suppliers.
• Represent the DHL Express Information Security and Data Protection organization and serve the entry point for the application security assessment, risk assessment and treatment process for customers.
• Participate in Information Security forums to ensure approach is up-to-date with leading edge industry thinking.
• Report the effectiveness of Application Security to the Management team with explicit focus on high risk / high impact assessments and actions being taken for mitigation.
• Provide guidance and direction to the Audit function on potential information risk exposure.
• Coordinate application security assessment activities with entities within Express and external suppliers/customers.
• Provide input to the design and development of management practices and solutions selected from the information security risk treatment plan.
• Perform Information Security Exemption Management for high or critical risks jointly with business partners.
• Maintain an Information Security reporting plan for the areas within his/her responsibility.
• Analyze IT Systems/Application in regards to confidentiality, integrity and availability.
• Support risk owners in identifying and assessing threats to IT systems and technologies.
• Implement a systematic and structured application security risk assessment process.
• Ensure application threat and vulnerability evaluations are conducted periodically.
• Identify and evaluate periodically information security controls and counter-measures to mitigate risks to acceptable levels.
• Integrate risk, threat and vulnerability identification into life cycle processes (for e.g. development, procurement, service design).
• Report significant change(s) in application risk to appropriate levels of management and follows-up to ensure remediation.
Here’s what we need from you:
• Minimum 8 to 10 years in a relevant information security role, within a multi-national, multi-cultural environment.
• Minimum 5 years’ experience in leading and implementing application security management processes and frameworks.
• Minimum 5 years’ experience in application security testing (static/dynamic penetration test, active threat hunting experience is advantageous).
• Proven experience in implementing application security policies and risk mitigation actions.
• Broad understanding of IT security and its impact on the business.
• Strong stakeholder management, proven experience in developing and managing all defined communication channels/stakeholder groups.
• Strong written and communications skills.
• Sound analytic and reasoning skills.
• Seasoned professional in Secure Software Development Lifecycle.
• Demonstrate in-depth knowledge of IT Security practices and methodologies.
• Bachelor’s degree in relevant disciplines.
• Relevant information security accreditation (e.g. CEH, CISSP, CISM, CISA,CRISC or equivalent experience) is advantageous.
Facts and Figures
DHL Express Regional Office Asia Pacific
Work Permit Required