Application Security Manager

Role Overview:

Location - Jaipur

Compensation - up to 6.50 LPA.

We are seeking a skilled and passionate DevSecOps Engineer specializing in Application and Cloud Security to join our team at Jaipur. This role involves conducting in-depth security assessments, collaborating with stakeholders, and implementing security best practices across applications and cloud platforms. The ideal candidate will have strong experience in application security, cloud security, and scripting, with a proactive approach to identifying and mitigating security risks.

Key Responsibilities:

Application Security:
• Perform Blackbox, Greybox, and Whitebox security assessments for web and mobile applications.
• Conduct penetration testing and support retesting (re-validation of identified security issues).
• Identify, analyze, and mitigate common security vulnerabilities (e.g., OWASP Top 10).
• Collaborate with internal and external stakeholders to coordinate application security assessments.

Cloud Security:
• Review cloud architecture and configurations to ensure compliance with security best practices and industry standards.
• Leverage Native Cloud Security Services and tools like CSPM for continuous security posture management.
• Provide security guidance and recommendations for cloud platforms, including AWS, Oracle, Azure, or Google Cloud.
• Apply expertise in cloud security principles, architectures, and best practices to improve the organization’s security posture.

Scripting and Automation:

Develop and utilize basic Python or Bash scripts for security automation and tool integration.

Key Requirements:
• Proven experience in Application Security, including hands-on vulnerability assessment and penetration testing.
• Strong knowledge of application vulnerabilities and frameworks like OWASP Top 10.
• Hands-on experience with major cloud platforms (AWS, Oracle, Azure, Google Cloud).
• Knowledge of cloud-native security services and tools (e.g., CSPM solutions).
• Solid understanding of cloud security frameworks and best practices.
• Proficiency in scripting languages like Python or Bash.
• Excellent communication skills to collaborate with stakeholders and provide actionable recommendations.

Preferred Qualifications:
• Certifications such as AWS Certified Security Specialist, Microsoft Azure Security Engineer Associate, or equivalent.
• Familiarity with DevSecOps principles and CI/CD pipeline security.
• Exposure to regulatory standards like ISO 27001, PCI-DSS, or SOC2.