This role is to provide expert guidance on incorporating security into systems/applications changes and technological transformations. It ensures that all new initiatives, projects, and operational adjustments are aligned with robust cybersecurity requirements, helping to mitigate risks while enabling business growth. By collaborating with cross-functional teams, the role translates complex security regulations and frameworks into actionable requirements for system design, development, and implementation.
The role includes implementing DevSecOps principles, tools, and practices to integrate security throughout the software development lifecycle. This encompasses automating security tools, monitoring threats, and conducting regular risk assessments to proactively address vulnerabilities. By bridging strategic advisory and technical implementation, the role strengthens the bank’s cybersecurity posture, safeguards customer data, and ensures resilience against evolving threats in the fast-paced banking sector.
Key Responsibilities
1. Collaborate with business leaders, project teams, and IT stakeholders to identify and define security requirements for new initiatives, system upgrades, and process changes.
2. Conduct security assessments for proposed projects or changes, identifying risks and recommending mitigations early in the lifecycle.
3. Act as a subject matter expert (SME) for incorporating security best practices into transformation initiatives, such as cloud migration, digital banking, and AI adoption.
4. Act as the primary liaison between the advisory function and technical implementation teams to ensure seamless alignment of strategies and execution.
5. Oversee the implementation of automated security testing tools, such as SAST, DAST, and container security solutions, for ongoing risk detection in CI/CD pipelines..
6. Develop secure coding practices and standards in line with regulatory requirements.
7. Propose secure configurations for new deployments, including containerized and cloud-native environments.
8. Conduct regular threat modelling and risk assessments.
9. Facilitate workshops and training sessions to improve awareness of security requirements including secure development practices among stakeholders involved in change management.
10. Stay updated on the latest DevSecOps tools, technologies, and regulatory compliance.
Qualifications
Currently, there aren't any salaries for this role at CIMB Niaga shared by other job seekers.
View more salaries from CIMB Niaga →Achieve your dream job with our top-notch tools!
Resume Checker
Our free resume checker analyzes the job description and identifies important keywords and skills missing from your resume in just a minute!
AI InterviewPrep
Utilizing advanced AI, our tool generates tailored interview questions based on your industry, role, and experience. Practice and receive feedback on your answers in real time!
Resume Builder
Let us show you the differences between a bad, good, and great resume, and guide you in building a resume that helps you stand out to employers, ensuring you land your next position faster!