About Security Bank
We are the Philippines’ largest independent bank, having won countless awards over the years including the most prestigious industry award in both 2015 and 2016—the Bank of the Year – Philippines by The Banker.
We’re changing how people bank. From the moment customers enter our branches to their experience online, we make them feel valued and empowered.
Now, with more than 300 branches spanning the country, BetterBanking has become the gold standard in improving the banking lives of millions of Filipinos. But we’re far from done.
In our constant pursuit of excellence and improvement, we create teams that support our business and each other.
As an IT Security Analyst, you will support minimizing security risk by managing, monitoring, and reporting on API security systems, advising the Central API team as a Subject Matter Expert (SME) while supporting the organizations DevSecOps practice, particularly with Agile DevOps pipelines.
How you'll contribute
- Work with Agile teams, reviewing project documentation, researching and referencing Information Security policy, delivering recommendations and guidance, and performing other tasks in the pursuit of securing systems, processes, and software applications.
- Work with application development personnel and other technical team members to review existing and/or new APIs/web services in support of quality implementations that align with Information Security policies, procedures, and generally-accepted best practices.
- Participation in the creation and maintenance of API security specifications, reviewing software designs to ensure appropriate/required security controls have been included in designs, administering API security testing tools, performing API code reviews, attesting compliance with the security requirements, and advising development teams on API-related technical issues and questions
- Work closely and collaborate with Central API team and business to review security requirements and assess the security posture to identify gaps or improvements or security risks
- Play an active role in developing security technical architecture design which supports a robust technology solution, taking into account the client business priorities, technical requirements, and client-specific security requirements
- Provide strong technical leadership and guidance to both customer, Central API, and project teams
- Worked collaboratively with other colleagues, supporting them when possible
What we’re looking for
- Graduate of Bachelor's Degree in the field of Computer/Telecommunication, Computer Science/Information Technology
- At least 3-4 years experience in IT Software
- The ideal candidate will possess extensive experience developing and securing applications and web services, or web APIs (Application Programming Interfaces).
- Experience with Information Security Policy, its interpretation, reference, and usage when delivering opinions, recommendations, and guidance.
- At least 2 years of experience in implementing API Security and Access Control (OAuth/SAML, Web SSO, SSL, etc.)
- Knowledge of API best practices and performance tuning (Rest, microservices)
- Good experience in supporting the APIs environments (gateway, cloud, microservices, etc.) and have a strong understanding of API creation, management, hardening, and defense.
- Experience working in Agile methodologies – Scrum, Kanban, Lean User Experience (UX), XP is desirable
- Excellent written and spoken communication skills; an ability to communicate with impact, ensuring complex information is articulated in a meaningful way to wide and varied audiences