Job Description

Roles & Responsibilities

Role Objective

The Application Security Manager will be responsible for developing and maintaining a robust application security program, ensuring the secure design, development, and deployment of applications across Breadfast. This role will drive security best practices, integrate security into DevOps processes, and align security strategies with business and compliance requirements.

Key Roles & Responsibilities:

Application Security Strategy & Governance

Develop, implement, and maintain the organization's application security program.
Establish and enforce secure coding standards and best practices.
Define security requirements for applications and ensure compliance with ISO 27001, PCI-DSS, OWASP, and other regulatory standards.
Conduct regular risk assessments, threat modeling, and code reviews.
Lead the adoption of SecDevOps practices, ensuring security is embedded in CI/CD pipelines.

Security Assessments & Vulnerability Management

Oversee static (SAST) and dynamic (DAST) security testing for applications.
Manage manual and automated security testing tools such as SonarQube, Checkmarx, Veracode, or Burp Suite.
Identify, prioritize, and remediate application vulnerabilities based on risk impact analysis.
Drive secure third-party integrations and API security assessments.
Ensure regular penetration testing and red teaming exercises are conducted on applications.

Collaboration & Security Awareness

Work closely with software development and DevOps teams to build security-first applications.
Conduct security training and awareness programs for developers on secure coding practices.
Collaborate with business and compliance teams to ensure security policies align with business objectives.
Act as a technical advisor on security architecture for new and existing applications.

Incident Response & Threat Management

Lead incident response efforts related to application security breaches.
Investigate and mitigate security incidents, ensuring a root cause analysis is conducted.
Establish secure logging, monitoring, and anomaly detection mechanisms for applications.
Define security controls for cloud-based and on-premises applications.

Compliance & Reporting

Ensure application security measures align with regulatory and compliance frameworks.
Generate security reports for management, outlining key risks, vulnerabilities, and remediations.
Stay updated on emerging threats and evolving security technologies.

Desired Candidate Profile

Required Experience, Education, Knowledge, and Skills

7+ years of experience in Application Security.
Bachelor's degree and/or master s degree in cyber security, information security, computer engineering, computer science, or a related field.

Core Knowledge & Skills:

Web Application Penetration Testing (WAPT)
Mobile Application Penetration Testing (MAPT)
Secure Software Development Lifecycle (S-SDLC)
Threat Modelling
Secure Source Code Review (SSCR)
SecDevOps

Preferred Certifications:

EC-Council: E|CDE, C|ASE .NET, C|ASE JAVA, W|AHS
INE Security: eWPT, eWPTX, eMAPT
The SecOps Group (TSOG): CAP, CAPen, CAPenX, CMPen-Android, CMPen-iOS
GIAC: GWAPT, GMOB
Offensive Security (OS): OSWA, OSWE
Practical DevSecOps (PDSO): CDP, CDE, CTMP, CASP, CSSE

Mile2: C)SWAE

Social and Medical Insurance
Annual Bonus

Application Security Manager
Robusta Studio

People Looking for Application Security Manager Jobs also searched

Application Security Manager Robusta Studio

People Looking for Application Security Manager Jobs also searched

Application Security Manager
Robusta Studio