Application Security Specialist - Manager
Capgemini
Bangalore, KA, IN
1d ago

Job Description :

  • 9-12 years of experience in designing and implementing security solutions based on SDLC and Agile frameworks.
  • Experience in Web & Mobile Application Penetration Testing is a must.
  • Sound knowledge of application security domain in all phases of Secure SDLC is a must.
  • Should be able to manage client expectations and balance the needs of the company and clients to ensure satisfaction for both.
  • Strong business sense and the ability to balance user needs with security needs.
  • Should have broad knowledge of web security tools, database security and network security tools.
  • Should be able to influence decisions and project direction at the executive level.
  • Experienced in risk assessment, threat modelling and secure coding practices.
  • Deep understanding of security vulnerabilities (OWASP Top 10, SANS Top 25 etc.) is a must.
  • Knowledge of industry security requirements, standards and best practices is preferred.
  • Knowledge of third party auditing and cloud risk assessment methodologies.
  • Experience in open-source third-party vulnerability handling, static and dynamic security assessments, CI/CD integrations, etc.
  • Hands-on experience with cloud providers. Familiar with virtualization technologies such as virtual machines and Docker containers, and orchestration tools such as Kubernetes.
  • JavaScript, Bash scripts / Python knowledge is an added advantage.
  • Good project management skills.
  • Skills in presenting information to different audiences at the suitable level of detail.
  • Ability to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.
  • Advanced security certifications from accredited bodies are preferred.

Responsibilities :

  • Support the secure development of customer products by working with multiple product groups in an agile setup, work with the development teams to conduct threat modelling to the product features and provide necessary security requirements to build a secure product.
  • The candidate will work closely with program and account teams and customers to identify and shape near-term and long-term roadmaps, security architectures and requirements.
  • Lead the development of the security strategy, architecture, governance, and roadmaps.
  • Provide application security training sessions and conduct research on relevant security topics.
  • Drive security processes and procedures across Dev teams following ITIL and ISO 27001 guidelines.
  • Responsible for privacy-related compliance / regulations as the application security focal point.
  • Keep yourself up to date on the security aspects of the products, including infrastructure security, enterprise application security and cloud security, web security, data security and encryption etc.
  • Architect and design access management using IAM protocols such as OAuth2.0, OIDC, SAML 2.0, authorization policies (such as XACML).
  • Well-versed in symmetric and asymmetric cryptography, PKI and certificate management, SSL etc.
  • Perform penetration testing of applications and underlying infrastructure, review test results and communicate them appropriately.
  • Develop appropriate risk treatment and mitigation options to address security risks identified during security review or audit.