Senior Application Security Manager
ARCONTumkur, Karnataka, IndiaJob Summary : We are seeking a highly experienced and strategic-minded Senior Manager of Application Security to lead our security initiatives. The ideal candidate will be a seasoned leader with a deep understanding of application security, vulnerability management, and secure software development lifecycle (SDLC) best practices. You will be responsible for building, managing, and scaling our application security program across multiple product lines, ensuring our systems are robust, secure by design, and compliant with all relevant industry standards. This role requires a blend of technical expertise, leadership, and strategic vision
Responsibilities :
- Strategic Program Leadership :
Develop and execute a comprehensive application security strategy that aligns with business objectives and product roadmaps.
Build, lead, and mentor a high-performing team of application security engineers and DevSecOps professionals.
Define and enforce application security policies, standards, and procedures across the organization.
Oversee the integration of security tools (SAST, DAST, SCA, vulnerability scanners) into the CI / CD pipelines, leveraging both paid and open-source solutions.
Champion the use of automation to streamline security testing and provide continuous feedback to development teams.
Direct the development and maintenance of scripts and automation frameworks (e.g., Python, Bash) to orchestrate and scale security tool usage across the enterprise.
Establish and manage a robust vulnerability management program, including a formal process for handling client-reported vulnerabilities and penetration test findings.
Provide expert-level guidance and architectural solutions for complex security vulnerabilities.
Define and enforce service-level agreements (SLAs) for vulnerability remediation based on severity and business impact, ensuring critical and high-priority issues are fixed promptly.
Implement and manage a centralized system to track all open vulnerabilities (VAs) across the entire product portfolio.
Generate executive-level reports and dashboards on the company's application security posture for senior leadership and board members.
Lead and coordinate internal and external security audits, assessments, and compliance initiatives.
Implement processes to ensure that a vulnerability discovered in one product or module is systematically evaluated for its existence across all other products and components.
Proactively monitor and assess emerging threats, vulnerabilities, and security trends, and translate them into actionable plans for the team
Collaborate with engineering, product management, and operations teams to embed security into the early stages of the SDLC.
Act as the primary subject matter expert on application security for the entire organization.
Develop and lead security awareness and training programs for engineering teams to foster a culture of security.
Required Skills and Qualifications :
Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
12+ years of progressive experience in application security, with at least 4+ years in a senior management or leadership role.
Proven experience building and managing an application security program from the ground up.
Expertise in a wide range of application security tools, including :
o SAST : Veracode, Checkmarx, SonarQube, Semgrep or similar.
o DAST : Invicti, Burp Suite Enterprise, OWASP ZAP, or similar.
o SCA : Snyk, Black Duck, or similar. o Vulnerability Scanners : Nuclei, Qualys, Nessus, or similar
Demonstrated proficiency in scripting and automation (e.g., Python, Bash) for security tooling integration and data analysis.
Strong knowledge of CI / CD pipelines (Jenkins, GitLab CI / CD) and cloud platforms (AWS, Azure, GCP).
Deep understanding of common web application vulnerabilities (OWASP Top 10, CWE) and secure coding principles.
Exceptional leadership, communication, and interpersonal skills, with the ability to influence and drive change at an organizational level.
Relevant industry certifications such as CISSP, CSSLP, CISM, or similar are highly preferred
Create a job alert for this search
Application Security • Tumkur, Karnataka, India
- Promoted
Sr. Lead - Cloud Security
Sycamore Informatics Inc.Tumkur, IN- Promoted
Senior Manager - Information Security (Governance, Risk and Compliance)
NaviBangalore (division)- Promoted
Application Specialist
ReparioTumkur, IN- Promoted
Azure Security Centre Analyst
PwCtumakuru, karnataka, in- Promoted
Lead Security Engineer
interface.aiTumkur, IN- Promoted
Lead Application security engineer
Capillary TechnologiesBangalore (division)- Promoted
Senior Data Security & Governance Specialist
Integris GroupTumkur, IN- Promoted
Application Security Engineer
FoodsmartTumkur, IN- Promoted
Senior Security Architect
LanceSoft, Inc.Tumkur, IN- Promoted
Application Security Architect
YASH TechnologiesGreater Bengaluru Area, India- Promoted
Senior Security Engineer – Cloud, AI & Application Security
Symosis SecurityTumkur, IN- Promoted
SecOps Engineer
JosysBangalore (division)
Senior Information Security Engineer
Epergne SolutionsBangalore Rural, Karnataka, India- Promoted
Senior Security Consultant (Cloud Security)
Claranet Indiatumakuru, karnataka, in- Promoted
Senior Application Security Engineer
AtomicworkBangalore (division)- Promoted
Cyber Security Senior Analyst - Cloud security
Societe Generale Global Solution CentreBangalore (division)- Promoted
Senior Cloud Security Specialist
ACL Digitaltumakuru, karnataka, in- Promoted
