Head Application Security

As the Head of Application Security Engineering, you will lead, mentor, and manage a high-performing team of 20+ Application Security Engineers, fostering a culture of continuous improvement and collaboration. Your responsibilities include developing and implementing a comprehensive application security strategy to identify, assess, and mitigate risks throughout the software development lifecycle. You will oversee security testing, vulnerability assessments, code reviews, and penetration testing efforts to ensure adherence to best practices. Collaboration with cross-functional teams like Engineering, DevOps, and Product Management is essential to seamlessly integrate security into the product development lifecycle. You will lead response efforts to security incidents, ensuring effective detection, containment, and resolution. Staying updated with the latest security threats, trends, and best practices will be crucial to enhancing the team's capabilities. Establishing and enforcing application security policies, standards, and guidelines to ensure consistency across applications is a key part of your role. You will drive training programs to enhance the security awareness of development and engineering teams. Regularly providing security performance reports and risk mitigation updates to senior leadership is also a part of your responsibilities. The ideal candidate will hold a Bachelor's degree in Computer Science, Information Security, or a related field, with a preference for a Master's degree. You should have over 15 years of experience in application security, including at least 5 years in a leadership role. A proven track record of managing and scaling security engineering teams is required. Deep expertise in secure coding practices, vulnerability assessments, penetration testing, and threat modeling is essential. Extensive hands-on experience with modern application security tools, strong knowledge of web application technologies, cloud platforms, and secure development practices are necessary. In-depth understanding of compliance requirements and experience with secure SDLC, CI/CD pipeline integration, and DevSecOps practices are critical. Excellent communication skills, both technical and non-technical, are vital. Strong leadership and team-building abilities with a focus on fostering a culture of security excellence are key. Desired skills include certifications in application security, experience with vulnerability management, threat intelligence, and familiarity with container security, microservices, and serverless architecture. Join us in creating wealth and democratizing credit for consumers and merchants. Embrace the opportunity to be a part of India's largest digital lending story.,