Outseer - Product & Application Security
Primary Location: Bangalore,
Additional Location(s): Bengaluru, India
Product and Application Security
Outseer, an RSA company, empowers the digital economy to grow by authenticating billions of transactions annually. Our payment and account monitoring solutions increase revenue and reduce customer friction for card issuing banks, payment processors, and merchants worldwide. Leveraging 20 billion annual transactions from 6,000 global institutions contributing to the Outseer Data Network, our identity-based science delivers the highest fraud detection rates and lowest customer intervention in the industry. See what others can’t at outseer.com.
Join us to do the best work of your career and make a profound social impact as a Product and Application Security on our Cybersecurity team in [Bangalore, India].
What you’ll achieve
We are currently seeking a Product & Application Security (PAS) Consultant to join our Information Security team for Outseer. The PAS Consultant will assist with the governance of the Product & Application Security program, coordinate vulnerability and security response for both product lines and corporate business applications and provide secure application design consultation for Outseer applications and cloud Software as a Service (SaaS) environments. The Consultant must develop trusted relationships with industry partners, security researchers and with their internal customers to define and drive process improvements across the development and support organizations to constantly improve the application security program.
The ideal candidate will have demonstrated success in building and leading a Product & Application security program within a global technology company, will possess extensive experience supporting a diverse range of customers. This position requires technical depth and experience, but also strong leadership skills in order to succeed.
- Serve as the senior application security program manager for Outseer, developing the program strategy and advising the company CISO and stakeholders on related subject matter as needed.
- Assist with the definition and management of the end to end process for identifying, reporting and remediating vulnerabilities across Outseer products, corporate IT applications and services.
- Run the Outseer Responsible Disclosure program by managing relationships with external finders, technical analysis of reported vulnerabilities, tracking of remediation activities, creation and dissemination of communication materials and facilitate the release of security advisories to customers.
- Act as technical subject matter expert for secure application design reviews, technical application design reference architectures and secure code development practices.
- Strong understanding of security-related government requirements such as FIPS or STIG.
- Partner with product engineering security champions to support process changes to optimize reporting and response to vulnerabilities. These include, strategy for product and application updates, and customer support process improvements.
- Manage and coordinate response to customer inquiries about Outseer products and application security practices.
- Perform threat modeling, conduct reviews of security architecture and platform/service designs, Pentests and audit source code.
- Define the secure development lifecycle practice security controls and associated training curriculum.
- Participate in the maturation and adoption of DevSecOps process across the organization.
- Develop program governance metrics, KPIs and SLOs to provide visibility into secure software development standard adherence.
- Coach, train, and inspire a global team of security champions across product and application security professionals.
Take the first step towards your dream career
Every Outseer team member brings something unique to the table. Here’s what we are looking for with this role:
- Bachelor’s Degree or equivalent years of industry experience
- 8+ years of experience in product and application security, incident response, or another applicable technical field
- 5+ years of experience with various application security tools including SAST, SCA, DAST, Penetration testing, and fuzzing techniques
- Advanced knowledge of secure web, mobile, API, Microservices, network, security architectures and design patterns.
- Experience designing and implementing secure RESTful APIs
- Knowledge of AWS, Azure, GCP native security tools
- Expert ability to demonstrate, and provide remediation of common security flaws such as those in the OWASP top 10
- Experience delivering software via DevSecOps pipeline and Agile Methodologies, specifically balancing the business need to quickly deliver value while maintaining security control visibility and auditability
- Results-driven and accountability-minded
- Ability to operate effectively in a fast-paced environment with competing and shifting priorities
- Excellent written and verbal communication skills
- Ability to speak confidently and credibly in external forums
- Ability to confidently and effectively present complex technical topics to senior non-technical audiences
- Ability to work collaboratively and effectively as part of a larger matrixed organization
Outseer is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Outseer are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Outseer will not tolerate discrimination or harassment based on any of these characteristics. Outseer encourages applicants of all ages.