Application & Database Security Analyst

About the role

To perform application security review on existing and new applications for Hong Leong Financial Group. To participate in projects review and implementation of security controls and processes to ensure compliance to IT Security Policies and regulatory compliance. This position reports to the Head of Application Security.

Responsibilities

• User Access & Identity Management (IAM)
• These tasks focus on the "gatekeeping" aspect of security-managing who has access to what and ensuring those permissions remain current.
• Access Granting: Review and grant access authorities to applications based on approved user access matrices.
• Operational Requests: Attend to daily operational security requests for applications in-charge.
• ID Housekeeping: Ensure housekeeping of IDs is performed to eliminate dormant and unused IDs.
• Sensitive ID Monitoring: Control and monitor the usage of sensitive user IDs.
• Matrix Maintenance: Ensure that the User Access Matrix is reviewed by Business Owners on a pre-determined period.
• Security Governance & Documentation
• This group covers the formal frameworks, manuals, and continuous improvement of security standards.
• Documentation: Document new and update existing Security Administration Manuals, procedures, guidelines, and checklists.
• Process Improvement: Review and improve existing security controls, procedures, processes, or guidelines for better security.
• Policy Implementation: Review, evaluate, and implement application security controls to ensure compliance with security policies.
• Auditing & Monitoring
• These responsibilities involve the "check and balance" phase-verifying that controls are working and responding to formal oversight.
• Audit Log Review: Review and monitor audit logs and other critical audit trails in Production Systems.
• Self-Audits: Perform periodic self-audit checks and security verification on applications in-charge.
• Audit Support: Attend to auditor's queries and requests; follow up/rectify issues to ensure closure and prevent relapse.
• Project Integration & Risk Mitigation
• This involves proactive security work during the development or deployment of new systems.
• Project Participation: Participate in new project implementations to review, test, and implement security controls.
• Risk Compliance: Ensure security requirements are fulfilled and complied with to mitigate security risks during new builds.
• Business Continuity & Resilience
• These tasks focus on the organization's ability to remain functional during a crisis.
• Recovery Planning: Participate in Disaster Recovery Plan (DRP) and Business Continuity Plan (BCP) exercises for the Group.
• Skills & Experience We Are Looking For:
• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a related field.
• 3-5 years of experience in Security Administration, IT Audit, or Application Security.
• CISA, CISM, or CISSP certifications will be an added advantage.
• Possesses knowledge of AS400 and Oracle.
• For more job opportunities, please go to HLB Careers: https://hlb.wd3.myworkdayjobs.com/HLBCareers/
• We appreciate your application and will be in touch with shortlisted candidates regarding next steps.
• About Hong Leong Bank
• Realise your full potential at Hong Leong Bank by applying now.

Additional Information

If you are looking to excel and make a difference, take a closer look at us...

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at hlb? Share your experience