At Walmart, we prioritize innovation and data security. Our team is dedicated to maintaining a secure operating environment and preserving the trust of our customers, suppliers, sellers, associates, and stakeholders. We combine a range of services and expertise to prevent fraud, detect threats, and manage digital risk and access. Our focus is on mitigating attack risks, securing cloud transformation, and fostering a culture of security and reliability within our team.
What you'll do:
As cybersecurity risk expert to conduct security technical review on solutions. Shift left in software development lifecycle to engage with product and tech team to understand roadmap and new project plans to ensure security is considered at early stage. Create threat models for enterprise applications to identify attack surfaces and threats. Develop and promote repeatable secure development practices. Identify security gaps on legacy applications and drive rectification. As cybersecurity risk expert to assist cybersecurity compliance projects. Work with stakeholders to provide tailored secure coding training to developers driven by vulnerability data analytics and metrics Identify gaps between internal policy and local cybersecurity law and regulation requirements, work with stakeholders to create and modify security procedures, policies, and training content Build data analytics and metrics to track the effectiveness of the App Sec program to implement continues improvement and manage stakeholders’ expectations. Preferred Qualifications:
Bachelor’s degree in computer science, information technology, cybersecurity. Strong communication skills in both English and Mandarin with the ability to articulate and translate security and risk management terminology in business terms. Minimum of 8-10 years of experience within the Cyber Security space- ideally Application Security where you were responsible for security design, penetration testing, and Security Architecture. Proven experience providing secure design guidance for diverse application portfolios Proven experience integrating application security into SDLC and CI/CD processes including automated workflows. Solid understanding of common tech stacks. One or more certifications of Security+, CISSP, CCSP, CISA, CISM.
Able to work with stakeholders from different cultures.
WMGS doesn’t charge any recruitment or similar fee in the recruitment process including but not limited to interview, offering and onboarding.