Location Name: Pune Corporate Office - Mantri
Job Purpose
This position is open with Bajaj Finance Ltd.
Duties And Responsibilities
- Developing Security Strategies: Create and implement comprehensive security strategies for all applications within the organization, ensuring alignment with business objectives and compliance requirements.
- Risk Assessment and Management: Conduct thorough risk assessments to identify potential security vulnerabilities in applications. Develop and implement risk management strategies to mitigate identified risks effectively.
- Security Architecture Design: Design robust security architectures for applications, considering industry best practices and emerging threats. Ensure that security measures are integrated into the application development lifecycle.
- DevSecOps: Support the DevSecOps process by taking ownership of security aspects in the development lifecycle.
- Security Testing and Assessment: Oversee the implementation of security testing processes, including vulnerability assessments, penetration testing, API security, red teaming and code reviews. Analyse test results and provide recommendations for remediation.
- Incident Response and Management: Develop incident response plans and procedures for addressing security incidents related to applications. Lead incident response efforts, including containment, investigation, and resolution.
- Cyber Fraud Management: Collaborate with Enterprise Fraud Management Team for minimising Cyber Frauds across Consumer and Enterprise Apps.
- Cyber Exposure Management: Support sustenance operations for discovering threats on the Surface Web, Dark Web, phishing websites and malicious apps, and support takedown efforts.
- Security Awareness and Training: Develop and deliver security awareness programs to educate employees about application security best practices and promote a culture of security throughout the organization.
- Security Code Review and SBOM: Engineer and run the established practices for secure coding compliance. Run the operations of secure code reviews and SBOM, along with remediation tracking of the reported issues.
- Compliance and Regulatory Alignment: Ensure that application security practices align with relevant industry regulations and compliance requirements. Stay abreast of regulatory changes and update security practices accordingly.
- Vendor and Third-Party Risk Management: Evaluate the security posture of third-party applications and vendors to assess potential risks. Develop strategies for managing and mitigating third-party security risks.
- Collaboration and Communication: Collaborate with cross-functional teams, including developers, engineers, and business stakeholders, to integrate security into the application development process. Communicate security risks and recommendations effectively to executive leadership.
- Continuous Improvement: Stay current with the latest trends, technologies, and threats in application security. Continuously assess and enhance security processes and controls to adapt to evolving threats.
Required Qualifications And Experience
- Engineering / Computer Graduate with 10-15 years of Application / Cyber Security Experience
- Experience in the BFSI & Fintech industry with exposure to regulatory requirements.
- Experience in a consumer-facing app ecosystem
- Experience in managing a mid-size team
- Relevant Security Certifications like CEH, CPENT, PNPT, EJPT, EWPT, OSCP etc. preferred.
- Prior experience of Security Testing, OWASP Top 10 and application security
- Prior experience of penetration testing of web applications and mobile applications, and of API security testing
- Sound knowledge of the latest application technologies and network attack execution
- Good Written and Verbal Communication with Presentation Skills
- Good Team Player and sound in stakeholder management
- Clarity on the basics of Threat Modelling, Cloud Security and WAF
- DevOps / DevSecOps and source code security review experience is an added boon
- Well versed with related tools and techniques of all the above
- Security testing of AI implementations and LLM security attacks would be an added boon