Description

You will lead application security strategy and enforcement across multi-cloud and SaaS environments.

Responsibilities

• Conduct threat modeling for complex applications, platforms, and data.
• Manage and operate security tooling including RASP, SAST, DAST, WAF, and IAST.
• Lead Secure SDLC efforts, including the definition of standards and guidelines.
• Develop security measures for AI systems and establish API security frameworks.
• Define identity and access controls for applications, platforms, and data.
• Perform security architecture reviews and code reviews for new technologies.

Required Skills

• 10+ years of technology experience with at least 7 years in Information Security within cloud-native or SaaS environments.
• Hands-on experience with multi-cloud environments including AWS, Azure, Oracle, Salesforce, or Snowflake.
• Proficiency with cloud components such as networking, segmentation, virtualization, encryption, secrets management, serverless, containers, Kubernetes, and IaC.
• Experience with security testing tools including SCA, SAST, DAST, and website analysis.
• Strong knowledge of authentication and authorization technologies like OAuth, SAML, JWT, and federation.
• Hands-on experience with Policy as Code using Python, Go, JavaScript, or YAML.
• Technical proficiency in Node.js, JavaScript, TypeScript, Python, or .NET.
• Experience with traffic analysis, anomaly detection, WAF, RASP, IAM, and security automation.
• Familiarity with PCI-DSS and e-commerce security requirements.

Preferred Skills

• Relevant certifications such as CSSLP, GWEB, GWPAT, or cloud security certifications (AWS/GCP/Azure).

Key Skills

Education

Any Graduate