Deputy General Manager - Application Security

Adani Enterprises Ltd

Ahmedabad

Not disclosed

Work from Office

Full Time

Min. 7 years

Job Details

Job Description

Deputy General Manager - Cyber Security

About Business:

Adani Group: In recent years, we have evolved from a new player in power generation to India’s largest private thermal power producer, with a capacity of 15,250 MW and a 40 MW solar project in Gujarat. The Group has created a world-class logistics and utility infrastructure portfolio with a pan-India presence. Adani Group is headquartered in Ahmedabad, in the state of Gujarat, India. Over the years, Adani Group has positioned itself as the market leader in its logistics and energy businesses, focusing on large-scale infrastructure development in India with O&M practices benchmarked to global standards. With four IG-rated businesses, it is the only Infrastructure Investment Grade issuer in India.

Job Purpose: The Application Security Lead will be responsible for overseeing and managing the security of applications within the organization. This role will lead the application security program, ensuring secure coding practices, vulnerability management, and the application of secure design principles across all software development life cycle (SDLC) stages. The Application Security Lead will work closely with development teams, IT, and cybersecurity functions to ensure that applications are secure, resilient, and compliant with relevant industry standards and regulations.

Application Security Lead

Application Security Strategy and Leadership:

Develop, implement, and lead the organization’s application security strategy to ensure that all applications are built, deployed, and maintained with security best practices.

Provide leadership and guidance on secure coding practices, threat modeling, and vulnerability management to development and security teams.

Ensure that application security requirements are integrated into the entire software development lifecycle (SDLC), from design to deployment.

Vulnerability Management and Remediation:

Identify, assess, and manage vulnerabilities in applications, working with development teams to prioritize and mitigate security risks.

Lead application vulnerability assessments, including static analysis (SAST), dynamic analysis (DAST), and penetration testing, and coordinate the remediation efforts.

Develop and maintain a vulnerability management framework to track and address vulnerabilities, ensuring timely and effective remediation.

Security Testing and Assurance:

Oversee the execution of security testing (e.g., code reviews, penetration tests, threat modeling, security audits) to identify weaknesses in applications before they are deployed.

Implement and manage security testing tools (e.g., SAST, DAST, IAST) to assess applications for vulnerabilities and enforce secure coding practices.

Collaborate with development teams to ensure that security testing is part of the CI/CD pipeline, ensuring applications are continuously monitored for new vulnerabilities.

Collaboration with Development Teams:

Work closely with development teams to integrate security into the software development lifecycle (SDLC), providing expertise on secure coding practices and secure software design.

Conduct secure coding training sessions and workshops for development teams to raise awareness about common vulnerabilities (e.g., SQL injection, cross-site scripting) and how to prevent them.

Collaborate with development teams to address security findings and ensure that security is not an afterthought in the development process.

Risk and Compliance Management:

Ensure that applications comply with relevant cybersecurity regulations, standards, and industry best practices (e.g., OWASP, PCI DSS, GDPR).

Manage risk assessments for applications and ensure that security controls are in place to mitigate risks to an acceptable level.

Support the organization in meeting security compliance requirements by ensuring that security measures are in place for all applications.

Incident Response and Forensics:

Lead the investigation and remediation of security incidents related to applications, coordinating with incident response teams to minimize the impact of security breaches.

Perform post-incident reviews to identify lessons learned and implement recommendations for improving application security moving forward.

Develop and maintain an incident response plan that specifically addresses application-related vulnerabilities and incidents.

Application Security Tools and Automation:

Select, implement, and manage application security tools to automate and streamline security testing, monitoring, and vulnerability management.

Continuously evaluate and improve security tools to ensure they are aligned with the organization's needs and the evolving threat landscape.

Build and enhance automation capabilities to integrate security testing into the development pipeline, reducing manual effort and accelerating secure code delivery.

Training and Awareness:

Provide regular security training and awareness programs to development teams to improve their knowledge of secure coding techniques and threat mitigation strategies.

Stay updated with the latest trends in application security, vulnerabilities, and attack techniques to continuously improve the organization’s security posture.

Develop a knowledge-sharing culture around application security, ensuring that teams are kept informed about emerging threats and new tools/techniques.

Reporting and Metrics:

Track, report, and provide metrics on the status of the application security program, including vulnerabilities, remediation efforts, and risk mitigation progress.

Communicate security findings, trends, and areas of improvement to senior leadership, providing recommendations on how to improve application security posture.

Prepare regular reports for stakeholders, highlighting critical security issues and ensuring transparency on remediation efforts.

Key Stakeholders - Internal

Business Unit Heads and Department Heads

Chief Information Security Officer (CISO)

Development Teams (Developers, Engineers, QA)

Information Security and IT teams

Risk Management Teams

Incident Response Teams

Enterprise Cybersecurity Team

Key Stakeholders - External

Regulatory Authorities and Compliance Organizations

Security Tool Providers

Third-Party Vendors and Partners

 

Educational Qualification:

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Advanced degree (e.g., Master's, MBA) in Cybersecurity, Information Assurance, or a relevant discipline is highly desirable.

Certification:

Industry certifications such as OSCP / CEH / CHFI or similar are preferred.

Experience with application security tools such as Checkmarx, Fortify, Burp Suite, Acunetix, AppScan, Tenable, and static code analysis tools, and experience with industry application security assessment frameworks (e.g., OWASP, NIST, PCI DSS) and DevSecOps platforms (e.g., GitLab, GitHub).

Work Experience (Range of years):

7+ years of relevant experience in application security and the secure software development lifecycle, including hybrid platforms, with at least 2+ years leading the application security team.

Experience Level

Mid Level

Job role

Work location

Ahmedabad, Gujarat, India

Department

IT & Information Security

Role / Category

IT Security

Employment type

Full Time

Shift

Day Shift

Job requirements

Experience

Min. 7 years

About company

Name

Adani Enterprises Ltd

Job posted by Adani Enterprises Ltd
