Head Of Product Security

Our executive search client is one of the most progressive digital banks in the Philippines now.

• JOB DESCRIPTION
• Develop, integrate, and manage the product (mobile app / mobile) security team.

Directs and mentors staff in identifying, developing, implementing, and maintaining security programs and practices across the product development and production environments

• Develop, integrate, and manage the product security programs and capabilities to an industry-leading position, finding opportunities to improve our existing approach, and helping to guide the team to unlock that potential
• Develop, integrate, and manage UnionDigital Bank's mobile app / mobile security development lifecycle
• Research and advocate for new UnionDigital Bank's mobile app / mobile security solutions and technologies
• Conduct manual source code business security audits
• Research of security technologies and security attack and defense solutions for mobile and mobile app
• Develop and adopt Security and Compliance tools and processes for AWS, API, Kubernetes and 3rd party's tools, and work with DevSecOps to enforce it
• JOB QUALIFICATION
• Bachelor's degree preferred in Information Security, Computer Science or related field preferred
• 5+ years of experience leading product (mobile / mobile app) security, cyber, design, etc.
• 5+ years of experience in security, cyber, design, relevant iOS and Android based apps
• 5+ years of code / programming experience (secure programming)
• 3+ years managing a Product (mobile / mobile app) security or similar team
• Prior experience with AWS, Linux and / or Kubernetes is desirable.
• Demonstrated leadership, team management, and decision-making skills
• In depth knowledge of device, firmware and hardware security as well as public cloud architectures
• Experience in secure device provisioning, management and supply chain security
• Experience performing threat modeling and design reviews to assess security implications and requirements
• Experience in defining and documenting security reference architectures and standards
• Experience with implementing common security frameworks and controls in highly automated environments, especially in CI / CD environments
• Significant experience designing and developing cloud-based software solutions for AWS or other similar cloud platforms
• Significant experience with APIs, web services, and general integration challenges and solutions and with API centric integration
• Mobile App and Mobile Web technologies
• Knowledge of information security standards and frameworks such as OWASP, NIST, SANS, etc.
• Security reviews for Code / Design / Architecture and threat modeling
• Experience securing Cloud environments / AWS
• Experienced with security development methodologies and standards
• Deep understanding of OWASP Top 10 and CWE 25; with proven track record and experience in implementing and integrating remediation strategies
• Good knowledge of secure coding best practices and ability to guide R&D teams on how to write secure code
• ACTIVE DATES

Urgent