Deputy General Manager - Application Security

Adani Capital Pvt Ltd

Ahmedabad

Not disclosed

Work from Office

Full Time

Min. 7 years

Job Details

Job Description

Deputy General Manager - Cyber Security

Responsibilities

Application Security Lead

Application Security Strategy and Leadership:

Develop, implement, and lead the organization’s application security strategy to ensure that all applications are built, deployed, and maintained with security best practices.

Provide leadership and guidance on secure coding practices, threat modeling, and vulnerability management to development and security teams.

Ensure that application security requirements are integrated into the entire software development lifecycle (SDLC), from design to deployment.

Vulnerability Management and Remediation:

Identify, assess, and manage vulnerabilities in applications, working with development teams to prioritize and mitigate security risks.

Lead application vulnerability assessments, including static analysis (SAST), dynamic analysis (DAST), and penetration testing, and coordinate the remediation efforts.

Develop and maintain a vulnerability management framework to track and address vulnerabilities, ensuring timely and effective remediation.

Security Testing and Assurance:

Oversee the execution of security testing (e.g., code reviews, penetration tests, threat modeling, security audits) to identify weaknesses in applications before they are deployed.

Implement and manage security testing tools (e.g., SAST, DAST, IAST) to assess applications for vulnerabilities and enforce secure coding practices.

Collaborate with development teams to ensure that security testing is part of the CI/CD pipeline, ensuring applications are continuously monitored for new vulnerabilities.

Collaboration with Development Teams:

Work closely with development teams to integrate security into the software development lifecycle (SDLC), providing expertise on secure coding practices and secure software design.

Conduct secure coding training sessions and workshops for development teams to raise awareness about common vulnerabilities (e.g., SQL injection, cross-site scripting) and how to prevent them.

Collaborate with development teams to address security findings and ensure that security is not an afterthought in the development process.

Risk and Compliance Management:

Ensure that applications comply with relevant cybersecurity regulations, standards, and industry best practices (e.g., OWASP, PCI DSS, GDPR).

Manage risk assessments for applications and ensure that security controls are in place to mitigate risks to an acceptable level.

Support the organization in meeting security compliance requirements by ensuring that security measures are in place for all applications.

Incident Response and Forensics:

Lead the investigation and remediation of security incidents related to applications, coordinating with incident response teams to minimize the impact of security breaches.

Perform post-incident reviews to identify lessons learned and implement recommendations for improving application security moving forward.

Develop and maintain an incident response plan that specifically addresses application-related vulnerabilities and incidents.

Application Security Tools and Automation:

Select, implement, and manage application security tools to automate and streamline security testing, monitoring, and vulnerability management.

Continuously evaluate and improve security tools to ensure they are aligned with the organization's needs and the evolving threat landscape.

Build and enhance automation capabilities to integrate security testing into the development pipeline, reducing manual effort and accelerating secure code delivery.

Training and Awareness:

Provide regular security training and awareness programs to development teams to improve their knowledge of secure coding techniques and threat mitigation strategies.

Stay updated with the latest trends in application security, vulnerabilities, and attack techniques to continuously improve the organization’s security posture.

Develop a knowledge-sharing culture around application security, ensuring that teams are kept informed about emerging threats and new tools/techniques.

Reporting and Metrics:

Track, report, and provide metrics on the status of the application security program, including vulnerabilities, remediation efforts, and risk mitigation progress.

Communicate security findings, trends, and areas of improvement to senior leadership, providing recommendations on how to improve application security posture.

Prepare regular reports for stakeholders, highlighting critical security issues and ensuring transparency on remediation efforts.

Key Stakeholders - Internal

Business Unit Heads and Department Heads

Chief Information Security Officer (CISO)

Development Teams (Developers, Engineers, QA)

Information Security and IT teams

Risk Management Teams

Incident Response Teams

Enterprise Cybersecurity Team

Key Stakeholders - External

Regulatory Authorities and Compliance Organizations

Security Tool Providers

Third-Party Vendors and Partners

 

Qualifications

Educational Qualification:

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Advanced degree (e.g., Master's, MBA) in Cybersecurity, Information Assurance, or a relevant discipline is highly desirable.

Certification:

Industry certifications such as OSCP / CEH / CHFI or similar are preferred.

Experience with application security tools such as Checkmarx, Fortify, Burp Suite, Acunetix, AppScan, Tenable, and static code analysis tools, and experience with industry application security assessment frameworks (e.g., OWASP, NIST, PCI DSS) and DevSecOps platforms (e.g., GitLab, GitHub).

Work Experience (Range of years):

7+ years of relevant experience in application security and the secure software development lifecycle, including hybrid platforms, with at least 2+ years leading the application security team.

Job role

Work location

Ahmedabad, Gujarat, India

Department

IT & Information Security

Role / Category

IT Security

Employment type

Full Time

Shift

Day Shift

Job requirements

Experience

Min. 7 years

About company

Name

Adani Capital Pvt Ltd

Job posted by Adani Capital Pvt Ltd
