Lead Engineer - Product Security
Trivandrum, Kerala, India
Envestnet
Explore our connected ecosystem of solutions, intelligence, and technologies that connect people’s daily lives with their long-term goals. See how we’re equipping advisors with the tools and resources needed to deliver the most impactful...
Role Summary
- Responsible to ensure the implementation of security standards and compliance practices in various SDLC phases.
- Lead and mentor the team, collaborate with onsite and offshore teams to implement and ensure application security standards and practices.
- Perform various application security audits, tests and assessments to ensure security complaince within SLA.
- Review the application features and enhancement design, perform code review and provide security specific recommendations and best practises in each SDLC phase.
- Perform penetration test on web applications, identify the vulnerabilities, report security issues, suggest remediation measures and guide the development team to resolve the issue.
- Execute automated scan on web applications using various SAST and DAST tools, triage the issues, identify true positives and work with the development team for resolution.
- Collaborate with development team to review, recommend and consult on security concerns and set secure architecture standards.
- Perform security controls assessments, recommend and update application security policies and procedures to keep up with the security trends and changing internal and external requirements.
- Perform domain audits with help of OSNIT tools.
- Collaborate with clients and third parties, provide technical support for penetration tests and audit of the products.
- Review, evaluate and recommend security best practices for AWS cloud specific implementations of SDLC.
- Analyse, review and suggest new application installations, test various features and fuctionalities and collaborate with IT helpdesk team through the process of application whitelisting.
- Design and implement application and web-based security trainings across the organization.
- Develop tools to automate security testing, design and implement strategies to enhance the efficiency of secuity bug discovery and resolution.
- Lead and mentor the team, provide technical and non-technical guidance for their overall development.
- Lead the vulnerabiility management by collaborating with development leads, managers to ensure vulnerabalities are remediated within SLA.
Exposure and Experience
- Minimum 8 years experience in web application security.
- Expert knowledge in Software Development Life Cycle.
- Experience in Security Controls Assessment, Vulnerbility Management, Penetration Testing and Application Whitelisting.
- Domain knowledge on Investment Banking/Wealth Management would be an added advantage.
- Education: BTech/ MCA
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
6
1
0
Categories:
Leadership Jobs
Security Engineering Jobs
Tags: Application security Audits AWS Banking Cloud Compliance DAST Pentesting Product security SAST SDLC Vulnerabilities
Region:
Asia/Pacific
Country:
India
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Senior Security Analyst jobsInformation System Security Officer jobsInformation Security Officer jobsSenior Cloud Security Engineer jobsInformation Security Manager jobsSenior Cybersecurity Engineer jobsIT Security Engineer jobsCyber Security Specialist jobsSenior Network Security Engineer jobsSystems Engineer jobsSenior Information Security Analyst jobsSystems Administrator jobsSecurity Consultant jobsSenior Cyber Security Engineer jobsSecurity Specialist jobsIT Security Analyst jobsChief Information Security Officer jobsInformation System Security Officer (ISSO) jobsInformation Systems Security Engineer jobsSenior Penetration Tester jobsSecurity Operations Analyst jobsSenior Information Security Engineer jobsThreat Intelligence Analyst jobsStaff Security Engineer jobsCyber Threat Intelligence Analyst jobs
Encryption jobsTop Secret jobsMalware jobsGDPR jobsSplunk jobsSaaS jobsEDR jobsRMF jobsSDLC jobsForensics jobsSQL jobsIDS jobsBash jobsThreat detection jobsIPS jobsIntrusion detection jobsDoDD 8570 jobsFinance jobsActive Directory jobsCRISC jobsITIL jobsCompTIA jobsGIAC jobsTerraform jobsDocker jobs
OWASP jobsClearance Required jobsHIPAA jobsSANS jobsCCSP jobsOSCP jobsUNIX jobsSOC 2 jobsVPN jobsPolygraph jobsIndustrial jobsBanking jobsJavaScript jobsData Analytics jobsTCP/IP jobsAnsible jobsDNS jobsSAP jobsSOX jobsJira jobsIT infrastructure jobsMachine Learning jobsCISO jobsNIST 800-53 jobsSOAR jobs