Associate Manager - Application Security

Associate Manager - Application Security

Strategic Roles and Responsibilities:

• Conduct regular security assessments of applications to identify and prioritize vulnerabilities.
• Perform penetration testing on web and mobile applications to simulate real-world cyber-attacks and uncover potential weaknesses.
• Review application code to identify and remediate security flaws, ensuring adherence to secure coding practices.
• Evaluate the overall security architecture of applications and propose improvements to enhance resilience against cyber threats.
• Automate repetitive security tasks to improve efficiency and coverage.
• Work closely with cross-functional teams including developers, QA, DevOps, and IT.
• Strong coding and scripting skills (e.g., Python, Java, JavaScript, TypeScript, etc.); ability to prototype tools or support initiatives directly.
• Hands on experience on IaC -Infrastructure as Code.
• Integrate security testing into CI/CD pipelines (DevSecOps).
• Monitor and respond to security incidents, conducting root cause analysis and implementing corrective actions.
• Stay up to date with the latest security trends, threats, and technologies to continuously improve the security posture of applications.
• Build automation scripts to reduce the repetitive task such as reports, attacking scripts, etc

 

People Management

• Foster an environment of learning, excellence, and innovation within the team and across teams.
• Provide mentorship and guidance to junior team members.
• Conduct performance reviews and provide constructive feedback.
• Ensure continuous professional development of team members.

 

 

Educational qualifications & Experience:

1. Bachelor’s degree in computer science, Information Security, or related field.
2. 8-10 years of experience in application security, including vulnerability assessment and penetration testing.
3. Strong understanding of secure coding practices and knowledge of common security vulnerabilities.
4. Familiarity with security standards and frameworks such as OWASP, ISO 27001, and NIST .
5. Experience with security testing tools and automation.
6. Relevant certifications such as CEH, AZ500, AWS Security, Kubernetes, IaC are a plus.
7. Excellent communication and collaboration skills.
8. Ability to stay up to date with the latest security trends, threats, and technologies

Experience Level

Mid Level