Head/Vice President - IT Application Security - BFS

Role - Head / Vice President - IT Application Security

Location - Bangalore

The Role:

To Build & Head the IT Application Security Function For the Organisation & Support this Practice for all Verticals.

Accountabilities :

Platform / Application Security Strategy:

- Assess client's application security landscape, evaluate and suggest most suitable security tools & techniques to create a threat resilient landscape using Organisations differentiated methods and create impactful client solutions

- Provide application security concept, framework & standards support for development & support delivery teams for the solution design, customization build and roll out to end users

- Collaborate with other practice groups to review the effects of new threats and vulnerabilities in the security space to assess, remediate, test and protect client application artefacts, data and enterprise ecosystems from threat vectors as they emerge

- Drive Innovation Through Offerings

- Building innovative & collaborative solutions to bring combined offerings such as security related combinations with J2C, API, Data security as advisory & execution footprint to capture opportunities & illustrate convergence within Organisation as a theme

- Bring the application security practice to life to achieve sales and commercial opportunities in a collaborative ecosystem and follow through with support for cost effective high quality execution

Capabilities:

- Client Relationship Building and Management

- Continuous Improvement Strategy

Technical Capabilities:

- BE / B.Tech / MCA with 15+ years of experience with hands on exposure to application security related technology design, delivery and maintenance work.

- Comprehensive understanding of static and dynamic code analysis in application security and ability to provide effective remediation for identified vulnerabilities

- Working level familiarity with Static and Dynamic Analysis tools (SAST, DAST, IAST)

- Ability to manage deployment & use of OWASP tools and methodologies

- Working level familiarity with relevant vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint or any other open source tools)

- Working level familiarity with web application vulnerability scanning tools (e.g., IBM AppScan, HP Fortify, Accunetix, NTO Spider, Burpsuite Pro or any other open source tools)

- Ability to elucidate vulnerabilities and weaknesses in the OWASP Top10,WASCTCv2, SANS Top-25 and CWE25 to client IT/ISO audiences and discuss effective defensive techniques.

- Comprehensive understanding and previous oversight of IT hardware, software, networking, databases, API services, J2C and related hosting needs as well as familiarity with application development and delivery concepts including programming