Engineering

IT Application Security Manager

Coimbatore, Tamil Nadu
Work Type: Full Time
Kovai.co, the fastest growing SaaS organization is a premier enterprise software company offering multiple products at scale both in the enterprise arena and in the B2B SaaS space.
We are a technology partner of choice for many of the world’s leading enterprises to manage and monitor their Microsoft BizTalk and Azure Serverless environments.

We always stand out from the crowd with our product team consisting of thinkers and innovators who are redefining the way robust Enterprise Software and SaaS products are built. Headquartered in London, U.K and with a development center in Coimbatore, India, our engineers have niche skills and in-depth domain knowledge.

Trusted by over 1,000+ businesses around the world.

Key Products:
  • BizTalk360
  • Serverless360
  • Document360
  • Churn360
Kovai.co Awards & Recognitions:
  • Kovai.co wins the title “Bootstrap Champ” at The Economic Times Startup Awards 2021.
  • Winner of Bootstrapped SaaS start-up of the year by SaaS BOOMi.
  • NASSCOM Recognizes Document360 at Emerge 50 Awards 2021.

We wish to be known for our values of integrity, teamwork and excellence. As we grow, we ensure that our culture remains at the heart of Kovai. co.
We are constantly on the lookout for smart people who are passionate about building great products, designing great experiences, building scalable platforms, and making customers happy. If you’re looking to make an impact, Kovai.co is the place for you. If this describes you, feel free to have a look at our openings in our career page and apply to be a part of the $30 million journey!

Opportunity: IT Application Security Manager

 

IT Application Security Manager will be responsible for overseeing application security programs relevant to application software and related IT infrastructure based on industry-accepted information security and risk management frameworks. This individual will be an integral part of the Information Technology group reporting directly to the COO to help improve and communicate the maturity levels of application security practices across the organisation.


What you’ll do on the job:

  • Work with all the departments of the organisation spanning across Product engineering and IT team for implementation of application security practices and with Sales and Marketing to enable customer support.
  • Coordinates the continuous development, implementation and updating of security policies, standards, guidelines, baselines, processes, and procedures related to IT application security for a global software product organisation with a high degree of autonomy.
  • Negotiates and influences others to understand and accept new concepts, practices, and approaches.
  • Proactive identification and mitigation of IT application risks as well as responding to observations identified by third party auditors or examiners while assisting in the development of periodic reports and dashboards presenting the level of controls compliance and current IT risk posture.
  • Assist Leadership, managers and staff with the audits and facilitate management response and remediation efforts.
  • Work closely with all departments to understand their work, data, and risk management practices.
  • Conduct regular audits, generate reports, and highlight malpractice / misconduct, sub-standard and non-compliance activities.

Who’ll be a good fit

  • 5 years of experience in IT application security management with global policies and implementation exposure.
  • Bachelors or Master’s in computer science engineering / Information Technology
  • Any specialisation course and certifications in application security
  • Exhibit high degree of confidentiality, integrity, and availability
  • Experience in risk, compliance, and information security policy development.
  • Exposure towards SOC2, ISO standards, GDPR, laws and regulations related to IT Application Security.
  • Expert at the Web application Security testing, in depth testing skillset and ability to bypass weak implementation for attacks, ability to bypass WAF for attack scenarios such as XSS, SQL Injection etc.·
  • Good understanding of Microservice based architecture (Technical). · Good hands-on experience solutioning technology architectures that involve perimeter protection, core protection and end-point protection/detection & API /Micro services Security. ·
  • Experience working in a DevOps environment with knowledge of Continuous Integration, Containers, DAST/SAST tools and building Evil Stories (Technical).
  • Web Application Security – OWASP top 10, CVSS etc.2. Security Code Review – manual code review in Git etc.
  • API Security Review – Open shift, container review etc. Tools and Technologies – Burp Suite, Postman, Tenable Nessus, CheckMarx SAST, GitHub and good knowledge about microservice architecture and pipeline driven security
  • Experience with development and execution of security awareness programmes within organisation.
  • Experience in implementation of VAPT for software applications, Cloud security, infrastructure analysis, policies, guidelines, and execution of standards in terms of permissions and rights to use the systems.
  • Knowledge of software architecture, cloud infrastructure and security.
  • Experience in at least one major cloud platform like Azure / AWS or GCP related to Cloud and IT security.
  • Strong interpersonal skills and the ability to effectively communicate with a wide range of individuals and groups within and outside organisation.
  • Proven problem solver with ability to provide in-depth analysis of complex problems, manage risk and provide timely and accurate decisions.
  • Excellent organizational and communication skills (both oral and written).
  • Implemented necessary documentation to be shared internally and to outside world.
  • Ability to conduct root cause analysis, necessary level of investigation for system breach, manual misconduct.
  • Experience in threat detection and management of cyber threats, vulnerabilities, and attacks.
  • Conducting Secure Software Development training to the development team.


Perks:

  • Collaborative and fun team.
  • Flat organizational structure.
  • Rewards and recognition.
  • Health care benefits.
  • Upskill allowance.
  • Located at the heart of the city with world class infrastructure.

Submit Your Application

You have successfully applied
  • You have errors in applying