Assistant Vice President/Manager - Application & Infrastructure Security

AVP-Application and Infrastructure security

Role - AVP

Designation - Manager

- Need candidates with hands-on experience on security with compliances exp. - Risk mgt, GRC, etc..

- Experience in Cloud certification will be a plus

- Candidates who were into application security side in initial stage of his or her career & then moved into infra security that combination can be looked at

Role : Application & Infrastructure Security Manager-CL7

Job Overview :

- We are looking for an Application Security Manager who is enthusiastic about assessing, defining, implementing, and supporting world-class security.

- Focus areas will include assess, define, build, manage and evolve application & infrastructure security standards for Accenture Operations. A key part of this role will be to represent security to our clients at various deal stages.

Main responsibilities :

- Support our clients achieving the benefits that DevSecOps can offer

- Contribute to/participate in the design and implementation of DevSecOps platforms, which covers areas such as integrating security into build automation, deployment automation, test automation, SDLC orchestration, environment management, monitoring, and production release procedures

- Participate in the assessment, architecture, design and implementation of DevSecOps practices and solutions needed to build and operate security in the cloud

- Participate in the development of junior DevSecOps team members

- Promote DevSecOps culture in our clients

- Drive adoption of tools and practices as the client transitions to DevSecOps

- Ability to apply knowledge and experience in a waterfall development lifecycle where warranted

- Experience and ability to act in a consultative capacity with client personnel in addition to applying technical skills

Key Attributes :

- Excellent verbal and written communication skills.

- Strong presentation and persuasion skills.

- Very strong knowledge of DecSecOps and security processes

- Experience working with various development methodologies, e.g. Agile and SCRUM, and process workflow across organizations.

- High degree of competency in all phases of project management, including issue and risk identification and management; change management; tracking dependencies and milestones; and communicating overall project status

- Demonstrated analysis and innovative problem-solving skills

- Experience working in matrix, multi-functional teams comprised of Program Managers, Product Managers, Developers, and business owners

- Solid understanding of technical platforms, internal and 3rd party interfaces.

- Ability to keep up-to-date with the latest security trends

- Ability to identify and assess complex problems for area of responsibility and create solutions in situations that require in-depth analysis and knowledge of organizational objectives

- Understand company policies and standards and be able to translate to business users.

- Ability to interface with customers and suppliers via strong written and verbal communications skills

- Demonstrated ability to effectively establish and maintain working relationships with all levels of the organization.

- Excellent organization/time management and problem-solving skills

Education :

- BE, ME, or Any Degree in Information Technology, or related field

Core Competencies :

- Cloud Certification (Practitioner, Security, Developer, Architect)

- Experience with at least one of the following: Amazon Web Services, Google Cloud Platform, Microsoft Azure

- Software application development experience, preferably Web application development

- Experience with Agile and/or DevOps methodologies

- Experience performing application security assessments such as threat modeling, security testing, and vulnerability management and remediation

- Compliances, risk management, GRC, etc..

- Software security frameworks and maturity models (BSIMM, OpenSAMM, etc.)

- Working with SAST, DAST, and/or Penetration Testing Tools

- Working in an Agile development environment, with an end-to-end understanding of the SDLC

- Hands-on experience with DevOps CI/CD tools such as Git, Jenkins, Ant/Maven/Gradle, Nexus/Artifactory, SonarQube, Puppet/Chef/Ansible

- Experience representing security to clients

- Experience guiding development teams

Preference :

- Industry recognized certification in security (e.g., CISSP, CSSLP, CASE, CEH, etc.)

- Minimum 10+ years in a Top Tier Technology organization / Top tier Consulting firm / Product management environment

- Experience with industry-leading Security Tools

- Strong written and verbal communication skills

- Strong presentation and persuasion skills

- Ability to drill down to core requirements from unstructured requests / inputs