Senior Application Specialist

Responsibilities:

  • Analyze vulnerability scan results from Qualys and security advisories to identify CVEs across Windows, Linux, Oracle Database, WebLogic, IIS, Apache, and cloud-hosted environments.
  • Perform CVSS-based risk assessment using exploitability data, asset criticality, and threat context to prioritize remediation.
  • Drive remediation of OS, middleware, database, and application vulnerabilities with infrastructure and application teams to meet remediation SLAs.
  • Track vulnerability lifecycle including closure validation, exception handling, and risk acceptance.
  • Identify and manage End-of-Life (EOL) technologies and define remediation or migration actions.
  • Analyze security logs and events from Splunk, NXLog, Microsoft Defender ATP, and system/application logs to detect anomalies and security issues.
  • Investigate incidents such as malware execution, phishing attempts, unauthorized access, and privilege misuse; perform root cause analysis.
  • Build and tune Splunk dashboards, correlation rules, and alerting logic for security and operational use cases.
  • Implement Data Loss Prevention (DLP) monitoring and reporting using SIEM-based analytics.
  • Perform privileged access reviews using CyberArk and SailPoint IdentityIQ, including entitlement validation and SoD checks.
  • Execute access remediation actions and enforce least privilege controls.
  • Implement and validate security controls aligned with MAS TRM, ISO 27001, NIST CSF, and SOX ITGC.
  • Provide audit evidence for vulnerability management, access governance, and control effectiveness.
  • Participate in CAB assessments for infrastructure, database, application, and cloud changes with focus on security impact.
  • Assess security risks in OS upgrades, database upgrades, and cloud migration activities (Azure / hybrid environments).
  • Coordinate patch deployment across Windows, Linux, and Unix environments and validate remediation through rescan verification.
  • Support DR testing, failover validation, and recovery verification for enterprise applications.
  • Develop automation scripts using PowerShell, UNIX Shell, SQL, Oracle PL/SQL, and SQLcl for vulnerability tracking, log extraction, and reporting.
  • Manage batch and job scheduling using CA Workload Automation and MFT tools (Connect, SFTP).
  • Work with Oracle, SQL Server, MySQL, and MongoDB environments for vulnerability validation, access checks, and configuration review.

Requirements:

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related discipline.
  • Minimum 10 years of experience in Application Support, Vulnerability Management, or Security Operations in BFSI environments.
  • Hands-on experience with Qualys, Splunk, Microsoft Defender ATP, CyberArk, and SailPoint IdentityIQ.
  • Strong experience in CVE lifecycle management, patch governance, and vulnerability remediation in enterprise environments.
  • Experience working with MAS TRM, ISO 27001, NIST CSF, and SOX ITGC controls.
  • Experience supporting Windows, Linux, UNIX, Oracle, WebLogic, IIS, and Azure/hybrid infrastructure.
  • Strong scripting skills in PowerShell, UNIX Shell, SQL, and Oracle PL/SQL.
  • Experience with Managed File Transfer (MFT), Connect, and enterprise job scheduling tools.
  • Understanding of MITRE ATT&CK and Cyber Kill Chain methodologies.
  • Experience supporting enterprise database platforms (Oracle, SQL Server, MySQL, MongoDB).
  • Professional certifications such as CISSP, CISM, CRISC, CompTIA Security+, or ISO 27001 Lead Implementer/Lead Auditor will be an advantage.