Application Security Testing Project Manager

Job Description:

Job Title: Application Security Testing Project Manager

Job Description: We are looking for a highly organized and experienced Application Security Testing Project Manager to lead our cybersecurity initiatives. The successful candidate will have a strong background in project management and a deep understanding of Application Security Testing.

Responsibilities:

• First Point of contact for app teams who have security scanning questions – Customer Facing
• Provide guidelines, oversight, and best practices for:
  • Static Application Security Testing (SAST)
  • Dynamic Application Security Testing (DAST)
  • Software Composition Analysis (SCA)
• Provide guidance to development teams on how to properly integrate application scans into their pipelines.
• Gather and analyze threat intelligence for security issues and vulnerabilities.
• Develop specifications for Application Security and mitigation techniques.
• Coordinate mitigation and remediation of detected vulnerabilities to maintain a high-security standard and a hardened environment that satisfies AT&T remediation guidelines (facilitate remediation activities between app team and security testers)
• Research security enhancements and make recommendations to management.
• Perform other duties of a similar nature or level.
• Establish and manage program status reporting structure and cadence
• Credential gathering/management to facilitate efficient scan scheduling
• Process improvements, automation, and innovation that improve both security scanning activities as well as efficient handling of vulnerability reporting and remediation
• Establish and manage reporting, escalation, and tracking to ensure adherence to scan schedules
• Establish and manage program metrics and measurements

Qualifications:

• Bachelor's degree required
• Deep familiarity with the OWASP Top 10 and other security concerns for web applications
• Familiarity with OWASP Application Security Verification Standards (ASVS)
• Familiarity with SAST, DAST, SCA Scanning practices
• Understand how to interpret and assess CVEs (Common Vulnerability and Exposures) as found by scanning tools
• Track record of staying current with trends, techniques, tools, and processes that drive improvement of security posture of applications
• Excellent verbal and written communication skills
• Team-oriented thinking with demonstrated ability to produce high-quality work as part of a fast-paced, dynamic team
• Proven ability to communicate, collaborate, and present effectively with teams and individuals in different disciplines or areas (English language proficiency required)

Weekly Hours:

40

Time Type:

Regular

Location:

Bangalore, Karnataka, India

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities.