BNY Mellon Careers

Principal Information Security Analyst - Application Security

Singapore, Singapore
Information Technology


Job Description

  • Consults with other IT areas and the businesses and provides professional support for major components of the company's information security infrastructure.
  • Contributes to the development and implementation of security architecture, standards, procedures and guidelines for multiple platforms.
  • Consults with the business and operational infrastructure personnel regarding new and existing technologies.

  • Recommends new security tools to management and reports and provides guidance and expertise in their implementation.

  • Reviews and analyzes complex data and information to provide insights, conclusions and actionable recommendations provides direction and guidance on reports and analyses and ensures recommendations are aligned with customer/business needs and capabilities.

  • Ensures that all significant security concerns are addressed.

  • Recommends course of action to mitigate risk and ensures that appropriate standards are established and published.

  • Contributes to the achievement of area objectives.

BNY Mellon’s Application Security Community of Excellence presents a unique opportunity to application developers with to come into a highly visible and critical role within the organization. The role will involve a diverse set of responsibilities like running static analysis, onboarding new security technologies, offering training and support to Application Developers to become Application Security Experts and Ethical Hackers, and more. 

 

The candidate must be willing to undergo training and certification as an expert in the field of application and web application security.  The training will be provided to the candidate.

Qualifications

  • Degree in Computer Science or Information Technology preferred
  • At least five years of experience in application development in the following areas:
    • Java/J2EE or C++/C#
    • HTML, Javascript, REST API
    • Experience with .NET framework a plus
    • Experience with SQL and relational databases
    • Experience with fixing application security issues like Cross Site Scripting and SQL Injections is a must 
  • Experience with the following tools and platforms
    • Jira required
    • Secure Code Warrior Training platform a plus
    • Developing secure requirements and threat models utilizing ThreatModeler (a plus)
    • Prevoty Runtime Application Self Protection (RASP) a plus
  • Certifications (a plus)
    • CISSP, GSEC, GSSP-JAVA; GSSP-NET

Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred 10-12 years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus.


BNY Mellon is an Equal Employment Opportunity Employer.

Primary Location: Singapore-Singapore-Singapore
Job: Information Technology
Internal Jobcode: 60183
Organization: Information Security-HR11724
Requisition Number: 1908906