Application Security Lead | Offshore

Responsibilities Shift left” security efforts to build security into the software development lifecycle: Conduct secure design reviews and threat modeling to identify and prioritize risks, attack surfaces, and vulnerabilities Deploy and operationalize static (SAST), dynamic (DAST), dependency (SCA) and secrets scanning Work with Platform DevOps team to build and maintain security automation tools to seamlessly embed inline security checks into CI/CD pipelines Partner with Platform DevOps to help design secure-by-default architectures and workflows Assist with application security code reviews of source code changes and advise developers on remediating vulnerabilities following secure coding practices Establish and track SLA governance to ensure security findings are identified, prioritized, and remediated. Maintain application asset inventory. Lead the Security Champions Program to build security-minded culture amongst developers and IT Operations teams. Act as a trusted advisor and partner for development and cross-functional project teams, providing actionable guidance to address security. Help with training on secure coding practices, empowering teams to proactively prevent vulnerabilities. Evaluate and implement security tools and automation solutions to enhance the security posture of applications and streamline security processes. PROFILE Bachelor's degree in Computer Science, Information Security, or related professional experience. Have 3+ years of hands-on experience in application security, including securing cloud-based and containerized environments. Experience performing secure code reviews and interpreting SAST/SCA/DAST results. Strong experience with modern development workflows, including CI/CD pipelines, using Azure Pipelines and GitHub Actions. Working knowledge of the OWASP Top 10 for web applications and APIs and how to apply the standard to minimize security risk. In-depth understanding of vulnerabilities and secure coding practices. Hands-on ex