application security manager in mumbai


location: Mumbai, Maharashtra
function: Other
position type: temporary
experience: 5-8
reference number: 55927
contact: Randstad India

job description

**Job Purpose:**

This role is accountable and responsible for the following:

* Perform, support, track and monitor the Application Security and IT risk assessment activities of the organization

**Job Responsibilities:**

* Articulate an AppSec mechanism to monitor and track the application security posture based on agreed KGIs/KPIs
* Perform application risk assessment as per the company's agreed assessment procedure
* Perform threat modelling of applications, application architecture review and source code analysis
* Interact with developers and businesses, guide them in following secure coding best practices, and get those practices implemented
* Should have worked with a secure code review / source code analysis tool such as SonarQube or Checkmarx
* Act as the interface between the development team and the VAPT team to guide the closure of vulnerabilities
* Track security metrics based on agreed KGIs/KPIs, and measure and report the overall application security posture in terms of risks and compliance
* Review and report metrics with/to the respective stakeholders to provide adequate assurance
* Track and monitor the performance of application security and the status of major security initiatives and plans
* Work with different teams to document relevant SOPs to support and implement the AppSec policies and processes
* Track the risk treatment plans and exceptions to ensure that all identified risks are managed within the organization's risk appetite
* Prepare relevant MIS reports and dashboards periodically
* Collaborate and follow up with the respective teams/stakeholders to get the relevant data in a timely manner
* Escalate deviations and violations in a timely manner
* Remain updated with the latest security trends

**Qualification:**

* Graduate from a recognized university with relevant professional certificates

**Work Experience & Knowledge:**

* Overall 5+ years with relevant experience in establishing and managing InfoSec compliance for an enterprise
* Should have sound knowledge, experience and understanding of the OWASP Top 10 for API, mobile security and application security
* Should have a strong understanding of development processes such as DevOps and its tools
* Should have a minimum of 2 years' experience of secure code review
* Should have a strong understanding of .NET, Java, GraphQL, MSSQL, PL/SQL and Azure Cloud architecture, plus API gateway knowledge
* Should have hands-on experience of application risk assessment and threat modelling
* Should have hands-on experience of application VAPT and mobile VAPT
* Should be able to effectively measure and present dashboards/reports
* Should have knowledge and experience in developing processes by adopting industry best practices and standards such as ISO 27000, PCI-DSS, ISO 31000 and OWASP Top 10, and regulatory guidelines
* Candidates with professional certifications such as ISO-31000, CEH or OSCP would be preferred
* Should have strong analytical and communication skills

skills

Application security, Threat modelling, Risk Assessment