Application Security Specialist

Job Title: Application Security Specialist

Location: Hyderabad, India

Job Description:

We are looking for a highly experienced Application Security Specialist with 7 to 10 years of experience to join our team. The role demands a deep operational security (OpSec) focus, requiring a broad understanding of technology and its lifecycle, beyond just cybersecurity. The candidate should have expertise in cybersecurity, risk and governance, threat and vulnerability management, and identity access management. This role is crucial in ensuring that application security practices are upheld and that security risks are managed effectively throughout the development and deployment lifecycle.

Key Responsibilities:

Stakeholder Management:

Act as the primary liaison between security teams, development teams, and business stakeholders to ensure secure development practices and mitigate risks.

Communicate security issues, risks, and recommendations clearly and effectively to both technical and non-technical stakeholders.

Operational Security (OpSec):

Manage the security posture of applications across their lifecycle, from design and development to deployment and maintenance.

Ensure that all applications meet baseline security requirements, particularly in cybersecurity, risk, governance, and threat management.

OWASP Understanding & Implementation:

Strong understanding of OWASP Top 10 vulnerabilities and their remediation.

Guide development teams on secure coding practices based on OWASP recommendations.

Compliance & Regulatory Frameworks:

Ensure application security compliance with international standards such as ISO 27001, NIST, PCI DSS, and CIS.

Conduct regular assessments and audits to ensure compliance with these frameworks and manage remediation efforts.

Penetration Testing & Vulnerability Management:

Oversee and guide penetration testing efforts to identify vulnerabilities in applications.

Analyze pen test results, prioritize risk, and collaborate with developers to ensure timely remediation of security issues.

Threat and Vulnerability Management:

Continuously assess applications for potential security threats and vulnerabilities.

Implement proactive measures to manage risks and vulnerabilities, ensuring that applications are secure and resilient.

Qualifications & Skills:

Experience: 7 to 10 years in Application Security, with a strong background in operational security, threat management, and vulnerability assessment.

Technical Knowledge: Proficient in OWASP, ISO 27001, NIST, PCI DSS, CIS, and understanding of penetration testing techniques and results.

Stakeholder Management: Proven experience in managing stakeholder relationships and communicating complex security issues.

Security Frameworks: Strong understanding of application security, risk governance, and compliance with global security standards.

Preferred Certifications:

Certified Information Systems Security Professional (CISSP)

Offensive Security Certified Professional (OSCP)

Certified Ethical Hacker (CEH)