Position Summary:

Your role will be working on implementing the security strategy governing the platform. You will work with the various engineering teams to understand product and business needs, provide expertise around Secure application and cloud service development, as well as define and own clear guardrails, alerts, and Security as Code (SaC) deployments to provide 24/7 protection from malicious traffic, vulnerabilities and other attack vectors.

Responsibilities :

- Help define consistent Secure Software Development Lifecycle practices for mergerWareM&A software throughout the planning and delivery cycles that assure that application security risks are mitigate

- Ensure end-to-end security of MergerWare platform by hands on testing, hypothesizing threats, helping development teams remediating risks upfront and championing secure implementation efforts

- Improve secure coding practices, application security requirements, automation, training, and metrics

- Integrate threat modeling practices into the Software Development Lifecycle

- Help build secure products and standards around emerging technologies and using existing standards and security practices

- Perform Security Architecture and Low Level Application Security Design review involving: Data Protection, Authentication and Authorisations, Web Application Security and Network Security

- Collaborate with product development and solution teams proactively to manage software security risk aligned with business goals

- Collaborate with product and solution teams to achieve Cybersecurity software security program objectives

- Manage cross-functional internal and external team collaboration, evangelization, and communications

- Develop and optimize processes to improve software development efficiency in the consumption of security development practices

- Maintain active understanding of industry practices for secure software development and incident response

- Carry out and own closures for Vulnerability Assessment and Penetration Testing for both Infra and Applications.

- Perform both Manual and Automated Security Testing for identifying application vulnerabilities.

- Perform periodic Configuration audits on Network Devices, Servers and other critical functions.

- Performing code review across a variety of programming languages and provide recommendations for preventive and corrective actions.

- Performing assessments of SDLC processes

- Developing testing scripts and procedures

- Other security-related projects that may be assigned according to skills

Qualifications :

- Qualification Required: Bachelor/Master Degree in either Computer Engineering or Information science

- Certification preferred: OSCP, CEH, ECSA, CPT, LPT

- Minimum experience: 5+ years in the domain of Product security.

- At least 3 years experience in leading a team.

This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.