This page was automatically translated and may contain errors. View in English.
এস

Application Security Advisor

SMBC Group

Tralee, County Kerry, Ireland (Hybrid) পূর্ণকালীন

প্রথম আবেদনকারী হোন।

অভিজ্ঞতা
৭+ বছর
বেতন
শূন্যপদ
1
পোস্ট করা হয়েছে
৫ ঘন্টা আগে
কাজের ধরণ
হাইব্রিড
জীবনবৃত্তান্ত
আবেদন করা আবশ্যক

যেখানে আপনি কাজ করবেন

কাজের বিবরণ

About SMBC Group

SMBC Group is a well-established global financial institution headquartered in Tokyo, with a rich history spanning over 400 years. The group encompasses a wide range of financial services including banking, leasing, securities, credit cards, and consumer finance. Operating through more than 130 offices worldwide and employing approximately 80,000 people across nearly 40 nations, SMBC Group is among Japan's top three largest banking conglomerates. Its holding company, Sumitomo Mitsui Financial Group, Inc. (SMFG), is publicly traded on the Tokyo, Nagoya, and New York stock exchanges.

In the Americas, the group maintains a presence in countries such as the US, Canada, Ireland, Mexico, Brazil, Chile, Colombia, and Peru. Supported by its extensive capital and Asian market relationships, SMBC provides commercial and investment banking services to a broad spectrum of corporate, institutional, and municipal clients, connecting them to local markets and a vast global network of affiliates.

Role Overview

This hybrid role is based in Tralee, County Kerry, Ireland, with an expectation to attend the office regularly. The Application Security Advisor will be dedicated to ensuring that vulnerabilities identified through code scanning conform with organizational standards, collaborating closely with development teams to guarantee remediation before deployment. This position demands a robust software development background and the capability to interpret and clearly communicate code shortcomings across various programming and scripting languages to technical and non-technical stakeholders. The advisor acts as a subject matter expert, solving complex challenges while adhering to defined policies and procedures, and reports directly to the SMBC AD Head of Application Security.

Key Responsibilities

  • Engage effectively with stakeholders, conveying code-related vulnerabilities and their resolutions to developer teams.
  • Collaborate daily with developers to ensure comprehensive code scanning and reporting, with a focus on SAST, SCA, DAST, IAST, and Container Security concerns.
  • Partner with development and security architecture teams on application security topics including vulnerability mitigation, best practices, and threat modeling.
  • Coordinate with the vulnerability management team to ensure vulnerabilities are properly tracked and validated within agreed service level agreements (SLAs).
  • Produce and deliver executive-level reports detailing the status of the Application Security Program for entities within the Americas Division.
  • Conduct manual testing to validate vulnerabilities or penetration testing results as needed.
  • Be prepared to work outside normal hours, including nights and weekends, as projects and business demands require.

Required Qualifications and Skills

  • Over seven years of professional experience as an Application Security analyst or Application Penetration Tester.
  • Proven track record managing remediation processes, security champion initiatives, and developer engagement programs.
  • Proficiency with multiple programming languages such as C#, C++, Java, Python, and .Net.
  • Strong ability to read and interpret code to identify and explain security weaknesses.
  • Capability to develop code fixes and automation scripts supporting internal cybersecurity initiatives.
  • Experience enhancing CI/CD pipelines to improve code quality and vulnerability detection.
  • At least four years working with Static Application Security Testing (SAST) or Dynamic Application Security Testing (DAST) technologies.
  • Minimum two years' experience with container security and associated technologies.
  • Deep understanding of the Secure Software Development Lifecycle components.
  • Solid knowledge of OWASP Top 10 vulnerabilities and the Common Weakness Enumeration (CWE).
  • Familiarity with common software threats and mitigation approaches.
  • Meticulous process and detail orientation, including the ability to produce detailed process documentation.
  • Experience with Jira and Confluence tools.
  • Bonus skills include bug bounty participation and penetration testing experience.

Additional Information

The role operates within a hybrid working model, allowing employees to split their time between home-based work and office attendance in Tralee. Candidates should reside within a practical commuting distance to the office. Details of the hybrid schedule will be shared during the interview process.

SMBC is committed to equal opportunity and provides reasonable accommodations for applicants with disabilities during the recruitment process upon request.

আপনি যদি উত্তর চান তবে এটি রেখে দিন — আমরা এটি অন্য কোনো কাজে ব্যবহার করব না।

ব্রাউজ করতে ক্লিক করুনড্র্যাগ অ্যান্ড ড্রপ, অথবা পেস্ট একটি স্ক্রিনশট

PNG, JPG, GIF, MP4, WebM, MOV · প্রতিটি সর্বোচ্চ ২০ মেগাবাইট · সর্বোচ্চ ৫টি ফাইল

🤖
অনলাইন · তাৎক্ষণিক এআই সহায়তা