Lead - Application Security SSDLC
Rebit
6 - 9 years
Mumbai
Posted: 25/08/2025
Job Description
Reporting Structure | Reports to Senior Manager – SSDLC |
Education | University degree in the field of computer science or IT. |
Experience/ Qualifications |
· 6+ years of Information Security background is essential.
· 4+ years of Software Development Lifecycle and security reviews in the project lifecycle.
· Experience in evaluating the control environment through Architecture and Software Design reviews, including but not limited to Threat Modelling.
· Security reviews of design flaws.
· Hands-on experience in Static Application Security Testing and Dynamic Application Security Testing.
· Experience in standardizing application security tools and methodology.
· Should be familiar with the best practices of OWASP, SANS Institute, ISACA, GAO, FISCAM, NSA, NIST, Internet Engineering Task Force (IETF).
· Develop a detailed security framework to be followed by developers in every step of the software development lifecycle.
· Experience in software/application analysis tools like SAST, DAST, SCA, IAST, RASP, threat modelling, etc. |
Industry | Information technology |
Responsibilities |
· Conduct internal / third-party Security (SSDLC) Risk Assessments on business-critical assets and processes.
· Coordinate with project teams to ensure the security framework is enforced in all phases of SSDLC.
· Prepare security effectiveness reports for management.
· Test applications / systems for SSDLC framework compliance with RBI / ReBIT Information Security practices.
· Ensure new applications are inducted into the Data centre after conducting SSDLC assessments.
· Follow up on closure of these gaps and escalate when necessary.
· Define and enhance application security requirements and standards, which must be designed for agile development methods leveraging traditional application architectures.
· Assist the DevSecOps team to create secure, predictable CI/CD pipeline processes, and enable application teams to develop new capabilities securely. |
Certifications (any two) |
About Company
Rebit is an RBI-owned IT company focused on strengthening India’s central banking technology infrastructure. It specializes in cybersecurity, data analytics, and enterprise IT solutions. Rebit helps enhance the digital capabilities of the Reserve Bank of India.