Role description
Core Responsibilities
- SDLC Integration: Manage the integration of security tools and processes (SAST, DAST, SCA) into CI/CD pipelines using the Checkmarx tool.
- Vulnerability Remediation: Coordinate with development teams to triage, track, and close security flaws identified during penetration tests or automated scans.
- Stakeholder Management: Serve as the primary point of contact between technical AppSec engineers, product owners, and executive leadership to report on the "security posture" of applications.
- Program Governance: Develop and monitor project plans for AppSec initiatives, such as implementing a new bug bounty program or maturing a threat modeling process.
- Risk Mitigation: Proactively identify and escalate blockers that impact the delivery of secure software or compliance with standards like ISO/IEC 27001 or PCI DSS.
- Tooling: Experience with vulnerability management platforms (e.g., Checkmarx, WIZ, Qualys) and project tracking tools like Jira.
Required Skills
- Project Management: Proficiency in Agile/Scrum methodologies and tools like Jira.
- Technical Literacy: Familiarity with the OWASP Top 10, secure coding standards, and cloud security (AWS/Azure/GCP).
- Communication: Ability to translate complex technical vulnerabilities into business risks for non-technical stakeholders.
Skills
application security, angular, node.js, vulnerability scanning
About UST
UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact—touching billions of lives in the process.