Associate Director Security Operations – AppSec Delivery Management
2 years ago Marketing & Communication Hyderabad 197 views Reference: 20475Job Details
Job ID 346901BR
Your Responsibilities Include but are not limited to:
1. Handle AppSec service demand - Assess demand through upcoming projects, application changes, new development, retrospective assessments, etc. Align demand forecast with managed service provider and vendors for them to handle resource scalability
2. Complete oversight and ownership of AppSec service requests lifecycle:
- Conduct awareness sessions with service requestors for fulfilment of service
- Ensure timely processing of all service request and act as a backup to externals supporting service request processing and govern service request inflow, processing, and fulfillment lifecycle. Execution of finances such as GR and rebooking analysis for delivered services
- Ensure all testing engagements are delivered timely by the managed service providers as per SLA, with quality expectations met and any deviations handled per contract arrangements
- Perform technical/process QA of delivered service requests periodically and perform health check of the data and service details maintained in the systems
- Strong control and timely resolution of on-hold, reminders, escalations, pending follow-ups, etc. that could result in degradation of service delivery or operational metrics or hygiene
1. Monitor and maintain AppSec service adoption
- Guide relevant project resources to consume relevant AppSec services and complete cost estimation for these services.
- Generate and analyse AppSec usage/adoption reports to improve control adoption and escalate deviations with internal stakeholders
- Gather feedback, monitor surveys and perform RCA as needed
- Collaboration with strategic programs for demand through request fulfilment
- Ensure all integrated process and systems are operating as expected
- Conduct service training and awareness for global Novartis teams
1. Monitor, report and collaborate with required internal teams to deliver on assigned responsibility and accountabilities
2. Support cross-functional and application teams w.r.t AppSec service inquiries and support in handling service-related control gaps/risks if any.
3. Support development, implementation, maintenance and enforcement of controls, tools, documentation, processes and standards for AppSec service.
4. Ensure the AppSec vendor is paid promptly for the services they have randered to the project/application teams.
5. Track AppSec Vendor SLAs to ensure effective and prompt delivery of all AppSec request. Also, keep customer informed regarding status of their requests.
6. Drive continuous process improvements for AppSec processes and update AppSec process documentation to meet current state of the services.
7. Support audit requests, service reviews, monitoring and reporting of IT security risk status and trends to leadership
Minimum requirements
What you'll bring to the Role:
• BE/ Btech with 9+ years of overall working experience in information security, At least 5+ years in secure SDLC, application security testing and/or technical vulnerability management, Demonstrated leadership skills through 2+ years’ experience in middle management.
• Strong knowledge of vulnerability scoring systems e.g., CVSS, DREAD, OWASP, CWE, CAPEC, MITRE, etc. for application vulnerabilities
• Expertise in security SDLC requirements and secure application controls , reporting to and communicating with senior level management with in depth application security and vulnerability/risk management domain
• Excellent understanding and knowledge of IT application technology, systems, and management processes
• Experience of sourcing complex IT services, working closely with vendors and making full use of their capabilities
Interested candidates Click on below link Apply Online and you will be redirected to Career Page of Company or Career url.