Application Security Manager at an Indigenous Financial Institution – PricewaterhouseCooper (PwC) Nigeria
PricewaterhouseCoopers is a multinational professional services network of firms headquartered in London, United Kingdom, operating as partnerships under the PwC brand.
Job Title: Application Security Manager
Reference Number: 130-PEO01134
Department: People & Change Nigeria
Job type: Permanent
Roles & Responsibilities
- Develop and maintain application security baseline and standards across all applications within the Organisation.
- Responsible for enforcing application security controls in line with PCI DSS and ISO 27001 standards.
- Conduct risk assessments on in house and third-party applications.
- Responsible for ensuring all newly deployed applications into production environments are adequately tested and critical vulnerabilities observed are properly addressed before Go-Live.
- Conduct Static Code Reviews and security testing from design stage of new application development to ensure vulnerabilities are identified and corrected at the early stage of the development lifecycle.
- Conduct regular dynamic application security testing on production applications to identify and facilitate remediation of vulnerabilities.
- Responsible for integrating security tools, standards and processes into the software development lifecycle (SDLC) and DevOps frameworks.
- Provide security framework for application related projects and liaise with stakeholders to improve secure coding development standards across the organisation.
- Develop a framework for testing third party Application programming interfaces (APIs) and their integration with applications within the organisation’s environment.
- A minimum of a degree in Computer Science / Engineering , Information Technology, Electrical Engineering or a related field from a recognized University.
- Professional Certifications in CISSP or CISM will be an added advantage.
- A Second degree is an added advantage
- Minimum of Eight (8) years of relevant IT work experience which may include Information Security, IT Infrastructure Management, IT Vendor Assessment and over two (2) years in a managerial role