SBI Card is a leading pure-play credit card issuer in India, offering a wide range of credit cards to cater to diverse customer needs. We are constantly innovating to meet the evolving financial needs of our customers, empowering them with digital currency for seamless payment experience and indulge in rewarding benefits. At SBI Card, the motto 'Make Life Simple' inspires every initiative, ensuring that customer convenience is at the forefront of all that we do. We are committed to building an environment where people can thrive and create a better future for everyone.
SBI Card is proud to be an equal opportunity & inclusive employer and welcome employees without any discrimination on the grounds of race, colour, gender, religion, creed, disability, sexual orientation, gender identity, marital status, caste etc. SBI Card is committed to fostering an inclusive and diverse workplace where all employees are treated equally with dignity and respect which makes it a promising place to work.
Join us to shape the future of digital payment in India and unlock your full potential.
What's in it for YOU
SBI Card truly lives by the work-life balance philosophy. We offer a robust wellness and wellbeing program to support mental and physical health of our employees
Admirable work deserves to be rewarded. We have a well curated bouquet of rewards and recognition program for the employees
Dynamic, Inclusive and Diverse team culture
Gender Neutral Policy
Inclusive Health Benefits for all - Medical Insurance, Personal Accidental, Group Term Life Insurance and Annual Health Checkup, Dental and OPD benefits
Commitment to the overall development of an employee through comprehensive learning & development framework
Role Purpose
Responsible for managing Application Security requirements and processes to reduce technical risks due to vulnerabilities in applications exposed to customer or third-parties, including identifying and assessing vulnerabilities specific to applications. This role also responsible for leveraging expert knowledge of today's ever-changing cybersecurity and risk landscape to influence IT landscape across SBIC Card environment.
Role Accountability
Participate in and support application security reviews including Threat modeling, Code review and Static & dynamic testing; discover security exposures and develop mitigation plans, and also report and fix the technical debt
Facilitate and support the preparation of security releases
Assist in development of automated security testing to validate that secure coding best practices are being used
Provide expertise in security tools for vulnerability assessment, penetration testing & application security
Perform vulnerability risk profiling and prioritization of vulnerabilities
Uphold code reviews across all Platforms and manage integration with vulnerability check tools such as Static Code Analysis and Dynamic Code Analysis tools
Manage bug intake and remediation process for the organization and application vulnerability scanning and penetration testing remediation
Monitor vendor SLAs, perform regular review with vendor management and report to SBI Card leadership
Assist with planning, providing input on capabilities and methods used for vulnerability management and security testing, and driving improvements
Support in development of vulnerability management framework, support compliance and risk management activities, recommending security controls and corrective actions to mitigate vulnerability risks
Conduct vulnerability assessments and penetration testing (application and/or infrastructure) and articulating security issues to technical and non-technical audience
Perform vulnerability risk profiling and prioritization of vulnerabilities
Perform regular status reviews with IT asset owners & senior leadership to ensure compliance with InfoSec policies
Develop and monitor patch deployment schedules for all Vulnerability assessments and penetration testing on an ongoing basis as well as auditing for completeness and coordinate patch management/Remediation activities for all IT assets (workstations, network, server, application, database etc.)
Monitor vendor SLAs, perform regular review with vendor management and report to SBI Card leadership
Ensure process documentation and compliance adherence
Measures of Success
Reduction in security vulnerabilities in SBI Card IT platforms
Number of enhancement opportunities identified for the security posture to reduce overall risk to SBI Card
Reduction in information leakage and exploitation from vulnerabilities
Timely and accurate vulnerability testing and remediation
Process Adherence as per MOU
Technical Skills / Experience / Certifications
Strong knowledge of web development and programming languages e.g. Java, .NET, Python, etc.
Strong knowledge of web application technology, e.g. Application Servers, Web Servers, Databases
Strong java developers, with some understanding of application security testing and willing to switch into that role, would fit for this position
Knowledge of performing security testing on an app development project either using struts, spring much like java based frameworks
Industry-accredited security certifications will be required (the candidate must have or be willing to obtain all of the following certifications - GIAC GWAPT, GPEN, GXPN, OSCP, and CISSP)
Exposure to methodologies, such as OWASP preferred, Penetration, Host, Applications (Ethical Hacking tools such as Nessus, Qualys, Nexpose), Vulnerability Assessments - Network, Host, Applications, Security in SDLC (Application Security), Secure code review - .NET and J2EE technologies
Experience in Software development/Application Security/Vulnerability Management
Competencies critical to the role
Analytical ability
Innovation & Problem Solving
Continuous Learning
Teamwork and Collaboration
Qualification
Bachelor of Engineering in Computer Science / Engineering, Masters in Computer Science or any other relevant discipline
Preferred Industry
BFSI / NBFC / IT & ITES / E-commerce/Telecom
Beware of fraud agents! do not pay money to get a job
MNCJobsIndia.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.