Roles & Responsibilities
- Responsible for end-to-end management of the vulnerability management program and the application security portfolio
- Responsible for planning of the annual calendar and ensuring timely completion of the activities (which include application and infrastructure security testing) as mandated by regulatory requirements and internal policies
- Responsible for follow-up, escalations and ensuring timely closure of identified security issues by stakeholders.
- Responsible for ensuring that any code deployed in production is free from security flaws. This includes changes to existing application as well as new applications. The person would be expected to understand the business context and the security considerations and come up with prudent recommendations
- The person is expected to work with extended partner teams to ensure that any change or new application undergoes applicable security testing
- The person is expected to interface with application developers to discuss results and provide guidance for resolving application code vulnerabilities
- Responsible for process improvement to reduce the overall time to market of business
- Responsible for partner resource management and aligning business priorities with limited resources
- Responsible for stakeholder management Internal (Application Development, Technology, Audit teams and other cross functional teams across the organization) and External (Security partners, vendors, auditors) stakeholders
- BE/ B. TECH/ MCA with 4 years working experience in managing and driving Cyber security
- Ethical Hacking and Information Security certifications such as OSCP, CEH, CISSP, SANS, etc would be preferred
- Experience with industry standards and frameworks in cyber security (e.g., ISO 27000-series, CVSS, NIST standards, PCI-DSS etc) is desirable.
- Knowledge of application security topics is a must.
- Knowledge of insurance industry regulatory requirements
- Excellent verbal, written and communication skills and exceptional interpersonal skills
HDFC Life does not charge applicants any recruitment fee or a deposit in return for job offers. HDFC Life does not authorize any third party to make employment offers, refer or place candidates, for a fee charged to the applicant.
Role:Application Security Engineer
Salary: Not Disclosed by Recruiter
Functional Area:IT & Information Security
Role Category:IT Security
Employment Type:Full Time, Permanent
HDFC Life€™s product portfolio comprises solutions, which meet various customer needs such as Protection, Pension, Savings, Investment and Health. Customers have the added advantage of customizing the plans, by adding optional benefits called riders, at a nominal price. The company currently has 37 retail and 8 group products in its portfolio, along with 9 optional riders catering to the savings, investment, protection and retirement needs of customers.
HDFC Life continues to have one of the widest reaches among new insurance companies with about 500 branches in India touching customers in over 900 cities and towns. The company has also established a liaison office in Dubai. HDFC Life has a strong presence in its existing markets with a strong base of Financial Consultants. For more information, please visit our website, www.hdfclife.com
Contact Company:HDFC Life
Address:LODHA EXCELUS,13TH FLOOR,,N M JOSHI MARG,MAHALAXMI, MUMBAI, Maharashtra, India