Application Security SME
Share
Job Location:
Monthly Salary:
Posted on:
16 hours ago
Vacancies:
1 Vacancy
Job Summary
This is a remote position.
We are strengthening our Application Security function within custom development. The role sits under the Head of Application Security and focuses on securing internally developed applications SaaS applications and supporting cloud security initiatives.
The position supports and guides a Center of Excellence (CoE) based in India that performs day-to-day operational AppSec activities. The mission also includes leading two major tooling evolutions: the migration of Invicti to its new platform and the migration of Sonatype from on premise to a SaaS solution.
The environment is complex and international involving many stakeholders across development data science security and platform teams.
The position supports and guides a Center of Excellence (CoE) based in India that performs day-to-day operational AppSec activities. The mission also includes leading two major tooling evolutions: the migration of Invicti to its new platform and the migration of Sonatype from on premise to a SaaS solution.
The environment is complex and international involving many stakeholders across development data science security and platform teams.
Typical Day
Regular touchpoints (12 times per week) with the AppSec Center of Excellence to guide operations review dashboards and handle escalations
Supporting application owners and developers with onboarding tooling integration questions and complex AppSec cases
Driving improvements in AppSec processes metrics and documentation
Leading or contributing to security tooling migrations (Invicti and Sonatype SaaS)
Collaborating with stakeholders to define roadmaps and improve secure development practices
Providing expert input on design security reviews code review reports and threat modeling when required
Regular touchpoints (12 times per week) with the AppSec Center of Excellence to guide operations review dashboards and handle escalations
Supporting application owners and developers with onboarding tooling integration questions and complex AppSec cases
Driving improvements in AppSec processes metrics and documentation
Leading or contributing to security tooling migrations (Invicti and Sonatype SaaS)
Collaborating with stakeholders to define roadmaps and improve secure development practices
Providing expert input on design security reviews code review reports and threat modeling when required
Requirements
Years of Experience: Senior profile required typically 8 years of experience
Must Have
Strong experience in Application Security within a custom development context
Solid understanding of AppSec tooling (e.g. Snyk Invicti Sonatype Intigriti or equivalent tools)
Experience with secure SDLC secure coding concepts and vulnerability management
Ability to work at expert level without being fully hands-on daily guiding a CoE instead
Experience working in large / complex organizations with multiple stakeholders
Strong communication skills in English
Must Have
Strong experience in Application Security within a custom development context
Solid understanding of AppSec tooling (e.g. Snyk Invicti Sonatype Intigriti or equivalent tools)
Experience with secure SDLC secure coding concepts and vulnerability management
Ability to work at expert level without being fully hands-on daily guiding a CoE instead
Experience working in large / complex organizations with multiple stakeholders
Strong communication skills in English
Proactive and autonomous mindset
Ideal Candidate
A senior Application Security professional who can take ownership of tooling and processes
Comfortable acting as a subject matter expert and advisor not just an operator
Proactive in identifying gaps proposing improvements and driving initiatives forward
Able to engage confidently with developers architects platform teams and security leadership
Capable of quickly mastering existing tools and new functionalities to maximize value
Nice to Have
Prior experience with UCBs specific tools (Snyk Invicti Sonatype Intigriti)
Security certifications (AppSec testing or security-related)
Pharma / life sciences exposure
Familiarity with GxP concepts (not mandatory limited impact)
Exposure to GenAI / LLM security topics
A senior Application Security professional who can take ownership of tooling and processes
Comfortable acting as a subject matter expert and advisor not just an operator
Proactive in identifying gaps proposing improvements and driving initiatives forward
Able to engage confidently with developers architects platform teams and security leadership
Capable of quickly mastering existing tools and new functionalities to maximize value
Nice to Have
Prior experience with UCBs specific tools (Snyk Invicti Sonatype Intigriti)
Security certifications (AppSec testing or security-related)
Pharma / life sciences exposure
Familiarity with GxP concepts (not mandatory limited impact)
Exposure to GenAI / LLM security topics
Required Skills:
Responsible for overseeing the strategy governance and quality of all master data (Vendors Customers Materials) ensuring its accuracy consistency and alignment with business processes across the organization. Requirements: 10 years of experience in global data depth knowledge in Master Data Governance and Strategy Expertise in Data Quality Management knowledge in Data Integration and Architecture Change Management and Data Migration
