Manager, Information Security Application Security Lead

Year    TN, IN, India

Job Description

Req ID: 117310

Remote Position: Hybrid

Region: Asia

Country: India

State/Province: Chennai

City: Guindy, Chennai


Summary
-----------



Application Security applies the understanding of a broad range of technologies and solutions to support strategic business needs and engages with customers at all levels of the organization to successfully realize the vision. They will lead the execution of application security assessments including architecture review, threat modeling, code review, and penetration testing, assisting and enabling the product teams to adopt secure development practices. They will gather and analyze information on Celestica's technology, making recommendations and resolving security issues as required.




#LI-MH1


Detailed Description
------------------------



Performs tasks such as, but not limited to, the following:


• Collaborate with development teams to ensure the adoption of Secure SDLC best practices across the entire application lifecycle
• Validate internal, external, and crowd-sourced application security findings and articulate them to engineering teams by including clear reproduction steps, impact, and remediation advice
• Improve security reporting, including coordinating vulnerability management, penetration testing, and compliance initiatives
• Maintain and monitor the SAST tools with the collaboration of the projects
• Performs strategic assessment and understanding of current capabilities and future security needs of the enterprise, recognize and understand business security risks and define the appropriate risk mitigating controls/technologies
• Able to identify new and alternative approaches to implementing and managing security activities. Provide security consultation and implementation of appropriate controls to minimize the risk of potential loss of revenue, business opportunity or competitive advantage due to malicious attacks, accidental corruption of information, or unauthorized access to sensitive Company or Customer information assets.
• Able to use the business requirements and develop a well-formulated model for security controls, practices, or technologies needed to facilitate
• Maintain relationships with and consult with industry leading Information Security Associations, Companies, and Forums to ensure currency of latest technology and process advances through the above and appropriate education. Manage security trends and how they affect CLS architecture and security protection landscape.
• Liaise with the enterprise architecture, IT Infrastructure and Site IT team to ensure alignment between the security initiatives and projects.
Knowledge/Skills/Competencies
---------------------------------


• Understanding of how scanning tools, penetration tests, and post-deploy scanning tools work together in the application security lifecycle.
• Serve as a subject matter expert on matters of SSDLC and the related tools such as OSS, DAST, SAST, IAST and vulnerability management tools
• Ability to prepare budgets and ROI
• Skills and Experience in Producing Systems Designs
• Experience in risk and compliance management and process development in the areas of information technology and security
• Advanced knowledge of risk mitigation and business controls
• Excellent communication and business writing skills as well as the ability to develop executive-level presentations/strategies that include process diagrams and designs.
• Strong customer management skills; ability to clearly articulate the role that IT can play in enhancing customer's activities
Physical Demands
--------------------


Duties of this position are performed in a normal office environment.


Duties may require extended periods of sitting and sustained visual concentration on a computer monitor or on numbers and other detailed data. Repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.) are frequently required.


Typical Education
---------------------


Bachelor's Degree. Specialized Knowledge / Skills. Security Certifications (CISSP, CISA, CRISC, etc...)



Notes
---------



This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time.


Celestica is an equal opportunity employer. All qualified applicants will receive consideration for employment and will not be discriminated against on any protected status (including race, religion, national origin, gender, sexual orientation, age, marital status, veteran or disability status or other characteristics protected by law).

At Celestica we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. Special arrangements can be made for candidates who need it throughout the hiring process. Please indicate your needs and we will work with you to meet them.




COMPANY OVERVIEW:

Celestica (NYSE, TSX: CLS) enables the world's best brands. Through our recognized customer-centric approach, we partner with leading companies in Aerospace and Defense, Communications, Enterprise, HealthTech, Industrial, Capital Equipment and Energy to deliver solutions for their most complex challenges. As a leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development - from drawing board to full-scale production and after-market services for products from advanced medical devices, to highly engineered aviation systems, to next-generation hardware platform solutions for the Cloud. Headquartered in Toronto, with talented teams spanning 40+ locations in 13 countries across the Americas, Europe and Asia, we imagine, develop and deliver a better future with our customers.




Celestica would like to thank all applicants, however, only qualified applicants will be contacted.

Celestica does not accept unsolicited resumes from recruitment agencies or fee based recruitment services.

Beware of fraud agents! do not pay money to get a job

MNCJobsIndia.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.


Related Jobs

Job Detail

  • Job Id
    JD3402740
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    TN, IN, India
  • Education
    Not mentioned
  • Experience
    Year