We are looking for a forward-thinking and skilled Application Security Leader to strengthen and drive our Application Security practice, with a focus on DevSecOps and cloud-native applications, at EXL, a $2B Nasdaq-listed global cloud-native organization. This role demands a visionary leader with extensive experience in securing complex multi-cloud and AI-based solutions/applications.
This role is crucial as we enhance our Data and AI-led solutions capabilities, especially in the context of handling sensitive Health and Insurance data.
The ideal candidate will have a proven track record of developing and implementing robust application security programs, ensuring the protection of critical business applications and data, and leading a high-performing team of security professionals.
Collaborate with senior management and department leaders to identify opportunities to improve EXL's cloud security posture and establish a roadmap to mature the application security program.
Responsibilities:
- Strategic Leadership:
- Develop and execute a comprehensive application security strategy that aligns with the organization's business goals and technology landscape.
- Lead and mentor a global team of application security professionals, fostering a culture of excellence and continuous improvement.
- Collaboration and Integration:
- Collaborate with development, DevOps, and IT teams to integrate security practices into the software development lifecycle (SDLC) and DevOps processes.
- Knowledge of secure coding principles and practices to prevent vulnerabilities such as SQL injection, XSS, and CSRF.
- Experience with static application security testing (SAST), dynamic application security testing (DAST), and interactive application security testing (IAST) tools.
- Work closely with product management and engineering teams to ensure security requirements are defined and implemented in new products and features.
- Establish and enable a high security baseline for all container environments across repositories, CI/CD pipelines, and runtime analysis.
- Threat Management and Vulnerability Assessment:
- Oversee the identification and assessment of application security threats, vulnerabilities, and risks.
- Implement and manage vulnerability management programs, including regular security assessments, penetration testing, and code reviews.
- Regulatory Compliance and Reporting:
- Ensure compliance with relevant regulatory requirements and industry standards.
- Prepare and present regular reports on the status of application security programs, metrics, and incidents to executive leadership and the board of directors.
- Innovation and Continuous Improvement:
- Stay abreast of emerging security trends, threats, and technologies, and continuously evaluate and improve the organization's application security posture.
- Foster a culture of innovation, encouraging the adoption of advanced security technologies and practices.
Primary Internal Interactions:
- Works in a consultative fashion with cross-functional EXL teams (Cloud CCOE Domain Platform Legal Global Technology Compliance) and external partners, advising on Cloud Security opportunities in a collaborative manner to improve information security efficiency and effectiveness.
Primary External Interactions:
- Interaction with vendors/OEMs during Design, Implementation, and Troubleshooting, and ongoing service management.
- Technical Skills:
- Deep knowledge of application security frameworks, standards, and best practices
- Proficiency in DevSecOps, secure coding practices, threat modeling, and security testing methodologies
- Strong understanding of cloud platforms (AWS, Azure, GCP) and their security features.
- Cloud security administration
- Cloud security architecture
- Cloud network engineering
- Cloud engineering
- Cloud governance
- Container security or engineering
- Offensive Security
- Vulnerability Management
- Minimum security Baseline
- Secure Configuration Audit
- Application Security
- Breach Attack Simulation
Security Architecture
- Threat Modelling
- Architecture Review
- Soft Skills:
- Cloud security administration
- Ability to handle senior management escalation
- Vendor management skills
- Effective communication
- Proficient team leader
- Business Acumen
- Decision making and communication
- Risk management skills
- Knowledge of the latest cybersecurity trends & global industry best practices pertaining to the financial industry
- Operational experience in a Global-multi Industry-Regulated-Growth business environment
- Knowledge of Advanced Cyber Security Capabilities in the Industry
- Cyber Risk Management mindset
- Self-Starter & Sense of Purpose
Required Experience:
Chief