Application Security
Responsibilities:
•Work closely with teams in multiple functions across the organization, foster our engineering-centric security culture, and bring palatable security to the masses.
•Be a subject matter expert on our cross-functional security projects with end-to-end ownership on topics such as CI/CD integration and automation, SAST/DAST/SCA security, API security, vulnerability disclosure program/bug bounties and more.
•Lead and guide threat modelling sessions and secure remediation planning discussions with application teams.
•Perform VA/PT on mobile and web applications.
•Experience in running assessments using OWASP MASVS and ASVS.
•Contribute to security tools development and automation as well as related actionable metrics to enhance TR’s Secure Software Development Life Cycle (S-SDLC).
•Create security guidance and documentation.
•Contribute to the identification of key metrics within the Application Security space and effectively communicate those metrics/OKRs to stakeholders at various levels across the organization.
•5+ years of experience.
Qualification Required:
•Bachelor’s degree in Computer Science, Information Security, Programming or a related field.
•Minimum of 3 years of experience in application security.
•Proven experience in mobile (Android & iOS) security testing.
•Strong background in threat assessment & software engineering.
•Familiarity with common security frameworks such as OWASP Top 10 and NIST.
•Experience with security tools for SAST, DAST, SCA and similar.
•Knowledge of secure coding practices, common vulnerabilities, and best practices for mitigation.
•Familiarity with cyber range environments and hands-on experience with security testing methodologies.
•Professional certifications such as CEH or OSCP are highly desirable.
•Excellent problem-solving skills and the ability to work under pressure.
•Strong communication and interpersonal skills.
•Demonstrated problem-solving and analytical skills.
•Excellent verbal and written communication skills.