Application Security Risk Review Manager

Job Description

Job Title: Application Security: Risk Review ManagerLocation: KolkataExp: 8 to 12 yearsDesired profile: Application Security controls & Architecture review We are looking for experienced members with: *strong analytical and problem-solving abilities *willingness and to learn new technologies and adapt to changing project requirements *ability to prioritize tasks and manage time effectively to meet deadlines *good verbal and written communication skills *ability to work collaboratively in a team setting Responsibilities 1. Review application design document based on the industry standard security frameworks and organization's internal security policy.2. Audit application security controls based on the industry standard security frameworks and organization's internal security policy.3. Coordinate with application development teams to ensure identified gaps are fixed in proper time.4. Closely work with issue management team to ensure proper remediation plans are in places with well documented records.5. Collaborate with senior developers and architects to ensure security best practices and secured design patterns are followed6. Work closely with other team members, including project leads, regional leads and risk reviewers.7. Provide regular updates on progress and issues to project managers and stakeholders Skill sets 1. Strong knowledge of effective controls for Application Security, Cloud & Services Hosting, Identity and Access Management, Data Protection, Borderless Connectivity, Endpoint Security, and Cyber Security Operations 2. Strong knowledge of application architectural patterns, such as MVC, Microservices, Event-driven etc. 3. Strong knowledge of architectural domain including cloud application architecture and container-based deployment. 4. Knowledge in code review service & penetration testing is preferred. 5. Familiarity with cloud architecture and services, such as AWS, Azure or GCP is preferred. 6. Strong knowledge of security controls assessments of network and security devices. 7. Strong knowledge of application security controls & audit.Certifications/Credentials (Optional)CEH, OSCP, ISO 27001:2013 Lead AuditorEducation qualificationBTech/BE/MTech from reputed institution/university as per the hiring norms