Assistant Vice President - Application Security Testing SME

• Oversee the lifecycle management of various security technologies, ensuring secure operation and ongoing risk assessment.
• Maintain and update security policies and procedures, contributing to compliance and risk reduction.
• Prepare periodic risk analysis, security compliance reports, and incident summaries.
• Conduct security assessments and code reviews to identify vulnerabilities in our applications.
• Perform penetration testing and ethical hacking on new and existing applications to ensure security standards are met.
• Collaborate with software development teams to implement secure coding practices and integrate security into the SDLC.
• Develop and maintain application security guidelines, standards, and best practices.
• Implement and manage security tools such as static and dynamic analysis tools, vulnerability scanning, and code review tools.
• Stay updated on the latest security vulnerabilities, attack vectors, and industry trends.
• Respond to security incidents, providing root cause analysis and implementing preventive measures.
• Conduct security training and awareness sessions for development and engineering teams.

Requirements:

• 5+ years of experience in application security, including secure coding practices, vulnerability management, and threat modeling.
• Hands-on experience with security tools such as Burp Suite, OWASP ZAP, Qualys, Nessus, or similar.
• Proficient in cloud security technologies (AWS, Azure,GCP).
• Strong understanding of common vulnerabilities (OWASP Top 10) and application security concepts.
• Proficiency in programming and scripting languages (e.g., Java, Python, JavaScript) and familiarity with web and mobile application architectures.
• Industry certifications like CISSP, CEH, OSCP, or GWAPT are highly desirable.
• Strong problem-solving skills, with the ability to work both independently and as part of a team.