Amadeus Labs - Senior Information Security Specialist - DevSecOps

Job Title : SR SPECIALIST INFORMATION SECURITY

Responsibility & Key Result Areas :

• Represent CISO organization and in particular the Application Security Office, in Bangalore, relaying important security objectives, requirements, and information to R&D in BLR.
• Should be from core application software development or DevSecOps background and should have extensive development, designing & DevSecOps skill.
• Should be leading the one or more development / implementation initiatives for Application Security Office.
• As DevSecOps & Secure SDL Senior Specialist, Lead build, implementation and deployment of the Secure Development Lifecycle activities in CI / CD pipeline, Assist in security assessments of new architecture and technology.
• Will have hands on experience in Secure SDLC including DevSecOps, Threat Modelling, Web Application Scan, Static & Binary Scan, Vulnerability assessment and triaging and Security Testing.
• Should provide expertise and consultancy on SCM like GitHub, BitBucket, Jenkins etc and security tools like Burpsuite, Qualys WebApp Scan, Blackduck, Prisma scanner, Fortify SSC, sonarcube, Checkmarx and other static / dynamic analysis tools.
• Should have exposure or ability to learn application security concepts not limited to CIA triad, OWASP Top 10 Vulnerabilities, OAuth, SAML, JWT, Cryptography and other advanced security concepts.
• Perform or assist in performing security assessments for new architectures and technologies, providing expert guidance on potential security risks.
• Analyse, support and validate Security requirements with the purpose of continuously improving our services.
• Support and help in conducting regularly MOCK PCI-DSS & GDPR compliance audits and provide consultancy as required in order to maintain certifications, compliance certificates and adherence to standards and compliancy requirements.
• Ensure Compliance loopback channel to the organization with excellent coordination and communication between stakeholders within the organization.
• Play the role of Security Product Owner / Scrum Master / Facilitator for App Security Agile Scrum / Kanban Team.
• Interface with the rest of the organization with the purpose to collect areas of improvement and transform / enrich them in a way meaningful to the expected providers.
• Understand the environment in sufficient details to solicit, suggest, validate and prioritize innovative ideas and / or requirements that will improve the Security services provided by the organization.
• Ensure project deliverables are delivered to the quality and schedule committed as per project management plan.
• Ensure accurate and effective communication and reporting of key security indicators (KSI) to all relevant stakeholders.
• Help animating R&D community of Security Whitehats and build internal security expertise.
• Assist in creating a security culture and provide input to HR Training for security trainings.
• Provide formalised but pragmatic security standards, guidelines and recommendations, in collaboration with other security offices.
• Raise alerts and find solutions, communicate and report to internal and external stakeholders.

Competencies :

Soft Skills :

Diversity & Inclusion :

Amadeus aspires to be a leader in Diversity, Equity and Inclusion in the tech industry, enabling every employee to reach their full potential by fostering a culture of belonging and fair treatment, attracting the best talent from all backgrounds, and as a role model for an inclusive employee experience.

Amadeus is an equal opportunity employer.

All qualified applicants will receive consideration for employment without regard to gender, race, ethnicity, sexual orientation,?age, beliefs, disability or any other characteristics protected by law.

(ref : hirist.tech)