Location: Hyderabad, India
Role: Application Security Solution Manager / Architect
The mission of the GSO Enterprise Application Security [EAS] team is to protect ADP's internally developed products from existing and emerging security threats. We improve internal product security posture by integrating and automating security controls early in the product development life cycle and aid in uncovering security risks. This work empowers and supports development teams to recognize and address security risks in a timely manner.
The EAS team has an opening for an Application Security Solution Manager to drive design, implement, and manage static source code scanning services and deliver application security analysis services (SAST, Open-source software, Container Security, Secrets, Code Repos and Automation In this role, you will be responsible to help implement, maintain, and deploy a large, distributed scanning solution and related tooling for global ADD and its partners. You may also be called on to help development teams access, understand, and develop effective remediations for the reported application security related vulnerabilities.
Unlock Your Career Potential: Project Management at ADP. It's the machine that propels us forward with commitment and excellence. You are savvy about our business environment and know how to adeptly manage people and processes. You have the leadership and analytical skills to ensure projects reach the finish line -- on time, within scope and within budget. We give you the tools to succeed, with continuous opportunities to train and advance.
We strive for every interaction to be driven by our CORE values: Insightful Expertise, Integrity is Everything, Service Excellence, Inspiring Innovation, Each Person Counts, Results-Driven, and Social Responsibility.
RESPONSIBILITIES:
- Design, implement, and manage static source code scanning services and deliver application security analysis services (SAST, Open-source software, Container Security, Secrets, Code Repos and Automation
- Ensure all deliverables are on time.
- Work with the on-site team to align on day-to-day requirements and team objectives.
- Ensure all associates in the team keep up with latest techniques and trends regularly.
- Analyze historic data to come up with new processes to gain quality and efficiencies.
- Recruiting and on-boarding
- Support development teams in understanding the vulnerabilities, by providing required information.
- Provide both process and technical support to the application security team and the development teams.
- Develop and generate metrics for reporting to the management.
- Perform other duties as required.
REQUIRED SKILL, EDUCATION, AND EXPERIENCE:
Success in this role will require:
- A bachelors degree in Engineering/Technology, in Computer Science & Engineering / Software Engineering / Information Technology
- Ten years or more experience in various IT or cybersecurity roles, with five or more years of experience specifically in software engineering roles.
- Expert-level python skills, to include building and maintaining custom modules, developing and consuming REST APIs, working with GraphQL.
- A proven ability to build and maintain OCI (docker) containers.
- Experience working with AWS (preferred) or other cloud providers, especially for container orchestration (kubernetes, managed container services).
- Experience working with git-based source code management systems.
- Practical use of cloud architecture, especially using orchestration services such as Kubernetes, docker compose, or ECS.
Other desired experience:
- Should have experience with application security tools such as SAST, DAST, IaC, SBoM, etc.
- Practical experience deploying medium-sized applications with terraform and helm.
- Use of workflow orchestration tools such as Apache Airflow or Argo Workflows.
- Detailed knowledge of regular expressions.
- Exceptional problem-solving skills.
- Self-motivated, with an ability to work independently.
- Preferred experience in assessing security of Thick-client and Embedded applications.
- Preferred experience in AGILE methodologies.
- Expertise in Python/Ruby scripting
- Hands on development knowledge in any of the development platforms like Java or .Net will be an added advantage.
- Exceptional problem-solving skills
- Excellent communication and presentation skills
- Ability to be a good team player as part of remote teams.
- Self-motivated with positive attitude
- Should be able to work independently.