Application Security Testing Project Manager - Bengaluru, India - AT&T

    AT&T
    Job Description:

    We are looking for a highly organized and experienced Application Security Testing Project Manager to lead our cybersecurity initiatives.

    The successful candidate will have a strong background in project management and a deep understanding of application security testing.

    Responsibilities:
    - First Point of contact for app teams who have security scanning questions – Customer Facing
    - Provide guidelines, oversight, and best practices for:
        - Static Application Security Testing (SAST)
        - Dynamic Application Security Testing (DAST)
        - Software Composition Analysis (SCA)
    - Provide guidance to development teams on how to properly integrate application scans into their pipelines.
    - Gather and analyze threat intelligence for security issues and vulnerabilities.
    - Develop specifications for application security and mitigation techniques.
    - Coordinate mitigation and remediation of detected vulnerabilities to maintain a high-security standard and a hardened environment that satisfies AT&T remediation guidelines (facilitate remediation activities between app team and security testers)
    - Research security enhancements and make recommendations to management.
    - Perform other duties of a similar nature or level.
    - Establish and manage program status reporting structure and cadence
    - Credential gathering/management to facilitate efficient scan scheduling
    - Process improvements, automation, and innovation that improve both security scanning activities as well as efficient handling of vulnerability reporting and remediation
    - Establish and manage reporting, escalation, and tracking to ensure adherence to scan schedules
    - Establish and manage program metrics and measurements

    Qualifications:

    - Bachelor's degree required
    - Deep familiarity with the OWASP Top 10 and other security concerns for web applications
    - Familiarity with the OWASP Application Security Verification Standard (ASVS)
    - Familiarity with SAST, DAST, SCA scanning practices
    - Understand how to interpret and assess CVEs (Common Vulnerabilities and Exposures) as found by scanning tools
    - Track record of staying current with trends, techniques, tools, and processes that drive improvement of security posture of applications
    - Excellent verbal and written communication skills
    - Team-oriented thinking with demonstrated ability to produce high-quality work as part of a fast-paced, dynamic team
    - Proven ability to communicate, collaborate, and present effectively with teams and individuals in different disciplines or areas (English language proficiency required)

    Weekly Hours: 40


    Time Type:
    Regular


    Location:
    Hyderabad, Andhra Pradesh, India


    It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law.

    In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities.