Total 2 legal public security job vacancies in hyderabad

AppSec Sr. Engineer 

Description 

Responsible for application security tasks such as static, SCA and dynamic scanning, collaboration with software engineers, provide flaw mitigation recommendations, implement the strategy for integrating automated security controls into the development life cycle and CI/CD pipelines. Ensuring that the requirements of security as per the Software Security Policy and Technical Security Baseline are met for new agile deliveries and for Experian’s Legacy estate with flaws and issues managed effectively throughout all stages of an applications life. 

Reporting Relationship 

Reports to the Director of Application Security 

Functions 

• Collaborate with software engineers and leadership to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC). 

• Work closely with development teams to understand their needs and the risk profile for each application and customize solutions to meet the needs of the application 

• Collaborate on the implementation and management of SAST, SCA, DAST, and other scanning solutions to provide coverage for the application portfolio  

• Guide development teams through a review of their applications and risks against common application flaws like OWASP Top 10 and others Provide visibility to senior management along with context and prioritization of the issues 

• Operate as an advocate for Security in interactions with internal and external teams 

• Work with Risk & Compliance teams on SOC 2, PCI-DSS, HIPAA , and other audits as needed Researches and recommend policy and procedures as they relate to Application Security 

• Lead projects to implement security technologies for the entire enterprise 

• Integrates 3rd party and builds custom solutions into our CI/CD pipelines and development cycles. 

• Define security guardrails through automated tool policies, SLAs, custom rules, and support the developer community 

• Help the enterprise manage vulnerabilities across automated tooling and manual security assessments 

• Work with Champions to build relationships and ensure key activities are supported and deliverables are achieved in a timely manner. 

• Support education and awareness strategy, rollout for Development community. 

• Support the AppSec technical team and ensure relationships with Business and team maximised and effective. 

Application Security Manager 

Description 

The Application Security Manager will be a highly technical leader of a team of Information Security Application Engineers and Penetration Testers tasked with advancing Experian’s Secure SDLC initiatives. In this role you will build and foster the team’s abilities to collaborate and achieve security outcomes, manage the team’s project and operational activities in coordination with Experian’s global directory of product owners and developers, advocate and advance goals of the application attack surface management program, lead application security reviews, deliver reports that enable understanding and remediation of security findings and consult in risk centric strategies.  

Reporting Relationship 

Reports to the Director of Application Attack Surface Management 

Functions 

• Lead and mentor a team of application security engineers and penetration testers. 

• Guide team members’ daily project and operational activities 

• Interact with Experian’s product development teams to advocate secure SDLC activities. 

• Manage and mature the application security program through direct interactions. 

• Actively seek to improve our application security and penetration testing operations. 

• Identify improvement opportunities in all processes and activities involved. 

• Work with architects and engineers to review and design security requirements. 

• Manage and enhance the existing security testing and measurement capabilities in the SDLC. 

• Participate in security and technology strategic planning to ensure identified risk governance is incorporated into the enterprise strategy. 

• Appropriately assess risk and provide software security advice when business decisions are made. 

• Set strategies, processes and oversee the management and operations of SAST, SCA, DAST, and penetration testing operations to provide coverage for the application portfolio. 

• Function as a subject matter expert in application, network and cloud penetration testing, scanning platforms, exploits, tools, and techniques. 

• Building and executing a security testing strategy. 

• Manage test resources to ensure maximum performance. 

• Ensuring secure outcomes of application and configuration testing. 

• Oversee vulnerability identification and measurement. 

• Collaborate with software engineers and leadership to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC). 

• Collaborate and maintain Experian’s Security champion and partners network, with the main objectives of understanding their needs and the risk profile for each application and customize solutions to meet the needs of the application. 

• Guide development teams through a review of their applications and risks against common application flaws like OWASP Top 10 and others Provide visibility to senior management along with context and prioritization of the issues. 

• Operate as an advocate for Security in interactions with internal and external teams. 

• Work with Risk & Compliance teams on SOC 2, PCI-DSS, HIPAA, and other audits as needed Research and recommend policy and procedures as they relate to Application Security 

• Lead projects to implement security technologies for the entire enterprise. 

• Integrates 3rd party and builds custom solutions into our CI/CD pipelines and development cycles. 

• Define security guardrails through automated tool policies, SLAs, custom rules, and support the developer community. 

• Help the enterprise manage vulnerabilities across automated tooling and manual security assessments. 

• Work with Champions to build relationships and ensure key activities are supported and deliverables are achieved in a timely manner. 

• Support education and awareness strategy, rollout for Development community. 

• Support the AppSec technical team and ensure relationships with Business and team maximised and effective.