Head of Application Security

Responsibilities

An Application Security Head is responsible for overseeing and implementing security measures to protect and organization's applications and software systems, ensuring the integrity and confidentiality of our applications and data. The ideal candidate will have 8-12 years of relevant experience in the application security area, with a strong background in application security management. This position offers the opportunity to work in a dynamic environment and contribute to the ongoing development and implementation of our cybersecurity strategies.

• Preside over monthly meetings with the GCISO,GCIO, BU CIOs and COEs with the agenda to improve posture of the organization, enhance IT security performance, promote collaboration & community building.
• This Position reports into the GCISO

Experience

• 15-18 years of experience in the cybersecurity industry with 8-12 years of experience in application security.
• Demonstrated expertise in application security baselining assessment (SAST/DAST) and DevSecOps.
• Proven track record of implementing security controls to protect digital assets.

Roles And Responsibilities

• Develop and lead the implementation of an application security strategy aligned with the organization's overall security objectives and business goals.
• Provide strategic direction and oversight for all aspects of application security, including policy & procedure development and information risk management.
• Establish and maintain a proactive approach to identifying and mitigating security risks in our applications, leveraging industry best practices and standards.
• Lead a team of application security professionals and providing mentorship.
• Collaborate with cross-functional teams, including development, IT operations, and business units, to integrate security into the software development lifecycle (SDLC).
• Oversee the implementation and maintenance of application security testing tools and processes, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Cloud Application Security (CAST) and Vulnerability Assessment and Penetration Testing (VAPT).
• Drive continuous improvement initiatives to enhance the efficiency and effectiveness of application security controls and processes.
• Stay abreast of emerging threats, vulnerabilities, and industry trends in application security, and incorporate relevant insights into the organization's security strategy.
• Serve as a subject matter expert on application security, providing guidance and recommendations to executive leadership and other stakeholders.

Qualifications

Education Qualification

• Bachelor's degree in Computer Science, Information Technology, or related field
• Master's degree in Cybersecurity or relevant field (preferred)

Certification Required (preferred)

• Certified Information Systems Security Professional (CISSP)
• Offensive Security Certified Professional (OSCP)
• Certified Ethical Hacker (CEH)
• Any other relevant cybersecurity certifications

Behavioral Skills

• Strong problem-solving and analytical skills
• Excellent communication and collaboration abilities
• Ability to work effectively in a fast-paced and dynamic environment
• Attention to detail and commitment to upholding security standards