Job Purpose:
To ensure end-to-end security of applications and the secure design, development and operation of software applications, resulting in improvement of the overall security posture of the Bank.
Responsibilities:
- Guide and mentor the Application Security team in executing their work in a planned and organized manner to achieve security objectives and improve the bank’s information security posture.
- Advise on security controls in light of international best practices and SBP regulations for mobile/web applications and APIs.
- Perform end-to-end security risk reviews of the bank’s software applications.
- Develop application security baselines and best practices and share them with relevant stakeholders.
- Advise on implementation of secure practices in DevSecOps processes, incorporating security testing in the development pipeline, and coordinate with development and infrastructure teams to automate security in the CI/CD pipeline.
- Perform and report internal and external vulnerability assessments of business applications.
- Follow all relevant divisional/departmental policies, processes, standard operating procedures and instructions.
- Contribute to the identification of opportunities for continuous improvement of systems, processes and practices within the function, taking into account ‘international best practice’ and advisories.
- Assist relevant stakeholders in remediating vulnerabilities through security advisories.
Education: Bachelor’s/Master's degree in Computer Science, Engineering or related field
Experience: 6 - 8 years
Job Specific Skills:
- Hands-on skills in vulnerability assessment and penetration testing
- Security risk assessment
- Threat modeling
- Application architecture design review
Behavioral Skills:
- Interpersonal and communication skills
- Decision making
- Team coordination