Job Description:
Job Title: Application Security Testing Project Manager
Job Description: We are looking for a highly organized and experienced Application Security Testing Project Manager to lead our cybersecurity initiatives. The successful candidate will have a strong background in project management and a deep understanding of application security testing.
Responsibilities:
- First point of contact for app teams who have security scanning questions (customer-facing)
- Provide guidelines, oversight, and best practices for:
  - Static Application Security Testing (SAST)
  - Dynamic Application Security Testing (DAST)
  - Software Composition Analysis (SCA)
- Provide guidance to development teams on how to properly integrate application scans into their pipelines.
- Gather and analyze threat intelligence for security issues and vulnerabilities.
- Develop specifications for application security and mitigation techniques.
- Coordinate mitigation and remediation of detected vulnerabilities to maintain a high-security standard and a hardened environment that satisfies AT&T remediation guidelines (facilitate remediation activities between app team and security testers)
- Research security enhancements and make recommendations to management.
- Perform other duties of a similar nature or level.
- Establish and manage program status reporting structure and cadence
- Credential gathering/management to facilitate efficient scan scheduling
- Process improvements, automation, and innovation that improve both security scanning activities as well as efficient handling of vulnerability reporting and remediation
- Establish and manage reporting, escalation, and tracking to ensure adherence to scan schedules
- Establish and manage program metrics and measurements
Qualifications:
- Bachelor's degree required
- Deep familiarity with the OWASP Top 10 and other security concerns for web applications
- Familiarity with the OWASP Application Security Verification Standard (ASVS)
- Familiarity with SAST, DAST, and SCA scanning practices
- Understand how to interpret and assess CVEs (Common Vulnerabilities and Exposures) as found by scanning tools
- Track record of staying current with trends, techniques, tools, and processes that drive improvement of security posture of applications
- Excellent verbal and written communication skills
- Team-oriented thinking with demonstrated ability to produce high-quality work as part of a fast-paced, dynamic team
- Proven ability to communicate, collaborate, and present effectively with teams and individuals in different disciplines or areas (English language proficiency required)
Weekly Hours:
40
Time Type:
Regular
Location:
Bangalore, Karnataka, India
It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities.