Lead - Application Security SSDLC

As a candidate for the Information Security role in the field of computer science or IT, you will be responsible for the following key responsibilities: - Conduct internal / third-party Security (SSDLC) Risk Assessments on business-critical assets and processes. - Coordinate with project teams to ensure the security framework is enforced in all phases of SSDLC. - Prepare security effectiveness reports for management. - Test the applications/systems for SSDLC framework compliance to RBI / ReBIT Information Security practices. - Ensure new applications are inducted into the Data center after conducting SSDLC assessments. - Follow up on closure of identified gaps and escalate when necessary. - Define and enhance application security requirements and standards designed for agile development methods leveraging traditional application architectures. - Assist the DevSecOPs team in creating secure predictable CI/CD pipeline processes and enabling application teams to develop new capabilities securely. In addition to the responsibilities, the qualifications required for this role include: - 6+ years of Information Security background. - 4+ years of experience in Software Development Lifecycle and Security reviews in project lifecycle. - Experience in evaluating the control environment through Architecture, Software Design reviews, and Threat Modelling. - Hands-on experience in Static Application Security Testing and Dynamic Application Security Testing. - Experience in standardizing application security tools and methodology. - Familiarity with best practices of OWASP, SANS Institute, ISACA, GAO, FISCAM, NSA, NIST, Internet Engineering Task Force (IETF). - Development of a detailed security framework to be followed by developers in every step of the software development lifecycle. - Experience in software/application analysis tools like SAST, DAST, SCA, IAST, RASP, threat modeling, etc. The company operates in the Information Technology industry. No additional company details were provided in the job description.,