Looking to hire a Director for Application Security

Roles & Responsibilities:

• Maintains knowledge of industry cyber security and digital privacy regulations and standards (ISO27K, NIST 800-53, NIST CSF, HIPAA, etc.,)
• Directs the design, build, implement, and support enterprise-class security systems based on the NIST 800-53, Center for Internet Security (CIS) controls and related standards
• Creates solutions that balance business requirements with information and cybersecurity requirements.
• Initiates, collaborates, and leads open conversations with teams, clients, and stakeholders to build trust and understanding around cybersecurity initiatives.
• Governs security assessments, including security program reviews, penetration testing, vulnerability testing, risk analysis, and remediation tracking / provides recommendations related to findings.
• Exposure to AI / LLM / SLM based automation of Cybersecurity operations / governance tasks
• Regularly communicates vital information, security needs and priorities to management
• Fosters a culture of accountability at all levels.

• A minimum of a bachelor's degree in information technology or information systems or cyber security is preferred
• 15-plus years of working experience in Application and Infrastructure Security
• Excellent interpersonal skills
• A minimum of 3 years working in a leadership position
• Should have good understanding and hands on experience in Application security SCA, SAST and DAST
• Should have good understanding and hands on experience in WAF
• Should be able to develop and manage various security policies for Application and Infrastructure
• Should have in-depth knowledge of CIS policies
• Well versed with SAP security
• Should have infrastructure vulnerability management solutions like Qualys, Tenable and Rapid7
• Should have good knowledge of DevSecOps, API Security and manual penetration testing