IS Operations Manager for Application Security

At ABB, we help industries run leaner and cleaner-and every person here makes that happen. You'll be empowered to lead, supported to grow, and proud of the impact we create together. Join us and help run what runs the world.

This Position reports to:

Your role and responsibilities

In this role, you will have the opportunity to successfully develop, operate and implement security measures for ABB in your area of responsibility. Each day, you will protect ABB from rapidly escalating threats. You will also showcase your expertise by staying vigilant in combating security threats, taking charge of the organization's cybersecurity, and keeping track of existing security infrastructure to ensure systems that protect vital information are secured.

The work model for the role is #LI #Onsite

This role is contributing to theIS Application Security Service LineinIndia or Globally.

Key Responsibilities

• Designing and implementing IS Domain service operations in collaboration with IS Service Owners, Application managers, Application owners, Stakeholders, and Solution Architects, ensuring alignment with business needs and technical standards.
• Translating business process demands into scalable IS services, supporting the direction of new initiatives and projects in coordination with IS stakeholders.
• Integrating operational and build activities within a DevOps framework, fostering collaboration between development and operations teams.
• Contributing to vendor contract definitions, including operational scopes, service levels, and SLA agreements, to ensure high-quality service delivery.
• A quality assurance review can be conducted on the penetration testing service to ensure the accuracy, effectiveness, and consistency of the testing process.
• Review and Validate Penetration Test Findings: Review penetration testing reports to ensure all vulnerabilities are accurately documented, categorized by severity, and supported by evidence.
• Managing the endtoend application security operations across global teams, including vulnerability triage, remediation tracking, reporting, and SLA enforcement.
• Overseeing daily activities related to SAST, DAST, SCA, API security, penetration testing, cloud application security reviews, and secure coding guidance.
  Owning the vulnerability lifecycle process: intake, validation, prioritization, assignment, remediation, and closure.
• Coordinating application penetration tests, internal assessments, red team findings, and external vendor assessments.
• Working closely with development, DevOps, architecture, and product teams to embed secure SDLC practices.
• Supporting the integration of security tools into CI/CD pipelines to automate security testing and shift-left security practices.
• Leading thirdparty application security assessments, including SaaS, supplier security reviews, and vendor compliance checks.
• Ensuring alignment with corporate cybersecurity policies, regulatory requirements, audit controls, and internal governance frameworks.
• Preparing leadershiplevel dashboards and reports covering vulnerability metrics, SLA trends, risk posture, and remediation progress.
• Driving escalations for highrisk vulnerabilities and collaborating with service owners to ensure timely risk mitigation.
• Building and improving processes for vulnerability management, security testing, reporting, and automation.
• Identifying gaps in security controls, recommending improvements, and driving continuous maturity of the application security program.
• Acting as a security advisor to application owners, architects, and developers during design reviews, threat modeling, and major release cycles.
• Conducting security awareness and secure coding sessions for engineering teams.
• Managing relationships with vendors, MSSPs, and internal platform owners to streamline application security operations.
• Leading postincident reviews related to application security and ensuring implementation of lessons learned.

Qualifications for the role

• Over 10 years of experience in IT, with at least 8 years in application security operations, managing complex service environments, global vendors, and cross-functional teams.
• Holds a bachelor's degree in computer science, Information Technology, or a related field.
• Deep understanding of application security concepts, secure SDLC, DevSecOps, and modern cloudnative architectures.
• Deep expertise in IS operations, ITIL-based service management, and cybersecurity frameworks, with hands-on experience in the application security domain.
• Proficient in using and managing security platform tools such as vulnerability scanning tools (e.g., Invicti, Burp Suite, Qualys, Nessus, Acunetix, AppScan), and DevOps pipelines.
• Experience managing bug bounty programs or vulnerability disclosure programs (VDP).
• Fluent in spoken and written English able to communicate complex technical issues clearly to nontechnical stakeholders.
• Certifications such as ITIL V4, CEH, OSCP, OSWE, OSWA, GPEN, or PEN200. Preferred certifications include CISSP, CISM, or ISO 27001 Lead Implementer/Lead Auditor.
• Experience working in Agile and DevSecOps environments with strong stakeholder management and crossfunctional coordination skills.

More about us

Our mission in ABB IS (Information Systems) is to harness the power of information technology to deliver valuable, reliable, and competitive IS services for ABB. If you have a strong technical skills, analytical mind, and the drive to help us stay ahead of the competition, you are the one we are looking for.

Building a cleaner, smarter future takes all kinds of minds: the curious, the courageous, and the creative. We welcome people from all backgrounds and experiences.

Ready to make an impact Apply today or visit www.abb.com to learn more about the impact of our solutions across the globe.

Recruitment Fraud Warning

ABB never asks for payment from job applicants. All genuine job offers follow a formal application and interview process.

View current job openings and apply at:

For more information, read our full fraud warning notice at: