Manager - Application & Product Security

About Zeta Zeta is a Next-Gen Banking Tech company that empowers banks and fintechs to launch banking products for the future. It was founded by and Ramki Gaddipati in 2015. Our flagship processing platform - Zeta Tachyon - is the industry’s first modern, cloud-native, and fully API-enabled stack that brings together issuance, processing, lending, core banking, fraud & risk, and many more capabilities as a single-vendor stack. 15M+ cards have been issued on our platform globally. Zeta is actively working with the largest Banks and Fintechs in multiple global markets transforming customer experience for multi-million card portfolios. Zeta has over 1700+employees - with over 70%roles in R&D - across locations in the US,EMEA, and Asia. We raised$280 million at billion valuation from Softbank, Mastercard, and other investors in more @,,, The Role As part of the Risk & Compliance team within the Engineering division at Zeta, the Application Security Manager is tasked with safeguarding all mobile, web applications, and APIs. This involves identifying vulnerabilities through testing and ethical hacking, while also educating developers and DevOps teams on how to resolve them. Your primary goal will be to ensure the security of Zeta's applications and platforms. As a manager, you'llbe responsible for securing all of Zeta’s products. In this individual contributor role, you will report directly to the Chief Information Security Officer (CISO). The role involves ensuring the security of web and mobile applications, APIs, and infrastructure by conducting regular VAPT. It requires providing expert guidance to developers on how to address and fix security vulnerabilities, along with performing code reviews to identify potential security issues. The role also includes actively participating in application design discussions to ensure security is integrated from the beginning and leading Threat Modeling exercises to identify potential threats. Additionally, the profile focuses on developing and promoting secure coding practices, educating developers and QA engineers on security standards for secure coding, data handling, network security, and encryption. The role also entails evaluating and integrating security testing tools like SAST, DAST, and SCA into the CI / CD pipeline to enhance continuous security integration.

Responsibilities

• Guide Security and Privacy Initiatives : Actively participate in design reviews and threat modeling sessions to help shape the security and privacy approach for technology projects, ensuring security is embedded at all stages of application development.
• Ensure Secure Application Development : Collaborate with developers and product managers to ensure that applications are securely developed, hardened, and aligned with industry best practices.
• Project Scope Management : Define the scope for security initiatives, ensuring continuous adherence throughout each project phase, from initiation to sustenance / maintenance.
• Drive Internal Adoption and Visibility : Ensure that security projects are well-understood and adopted by internal stakeholders, fostering a culture of security awareness within the organization.
• Security Engineering Expertise : Serve as a technical expert and security champion within Zeta, providing guidance and expertise on security best practices across the organization.
• Team Leadership and Development
• Make decisions on hiring and lead the hiring process to build a skilled security team.
• Define and drive improvements in the hiring process to attract top security talent.
• Mentor and guide developers and QA teams on secure coding practices and security awareness.
• Security Tool and Gap Assessment : Continuously assess and recommend tools to address gaps in application security, ensuring the team is equipped with the best resources to identify and address vulnerabilities.
• Stakeholder Liaison : Collaborate with both internal and external stakeholders to ensure alignment on security requirements and deliverables, acting as the main point of contact for all security-related matters within the team.
• Bug Bounty Program Management : Evaluate and triage security bugs reported through the Bug Bounty program, working with relevant teams to address and resolve issues effectively.
• Own Security Posture : Take ownership of the security posture of various applications across the business units, ensuring that security best practices are consistently applied and maintained.

Skills

Experience and Qualifications

Life At Zeta At Zeta, we want you to grow to be the best version of yourself by unlocking the great potential that lies within you. This is why our core philosophy is ‘People Must Grow.’ We recognize your aspirations; act as enablers by bringing you the right opportunities, and let you grow as you chase disruptive goals.  #LifeAtZeta is adventurous and exhilarating at the same time. You get to work with some of the best minds in the industry and experience a culture that values the diversity of thoughts. If you want to push boundaries, learn continuously and grow to be the best version of yourself, Zeta is the place to be! Zeta is an equal opportunity employer. At Zeta, we are committed to equal employment opportunities regardless of job history, disability, gender identity, religion, race, marital / parental status, or another special status. We are proud to be an equitable workplace that welcomes individuals from all walks of life if they fit the roles and responsibilities.