Looking to hire a Senior Manager for Application Security Governance Role
Roles & Responsibilities:
- Maintains knowledge of industry cyber security and digital privacy regulations and standards (ISO27K, NIST 800-53, NIST CSF, HIPAA, etc.,)
- Directs the design, build, implement, and support enterprise-class security systems based on the NIST 800-53, Center for Internet Security (CIS) controls and related standards
- Creates solutions that balance business requirements with information and cybersecurity requirements.
- Initiates, collaborates, and leads open conversations with teams, clients, and stakeholders to build trust and understanding around cybersecurity initiatives.
- Governs security assessments, including security program reviews, penetration testing, vulnerability testing, risk analysis, and remediation tracking / provides recommendations related to findings.
- Exposure to AI / LLM / SLM based automation of Cybersecurity operations / governance tasks
- Regularly communicates vital information, security needs and priorities to management
- Fosters a culture of accountability at all levels.
Qualifications:
- A minimum of a bachelor’s degree in information technology or information systems or cyber security is preferred
- 15-plus years of working experience in Application and Infrastructure Security
- Excellent interpersonal skills
- A minimum of 3 years working in a leadership position
- Should have good understanding and hands on experience in Application security SCA, SAST and DAST
- Should have good understanding and hands on experience in WAF
- Should be able to develop and manage various security policies for Application and Infrastructure
- Should have in-depth knowledge of CIS policies
- Well versed with SAP security
- Should have infrastructure vulnerability management solutions like Qualys, Tenable and Rapid7
- Should have good knowledge of DevSecOps, API Security and manual penetration testing