Job Description

By clicking the Apply button, I understand that my employment application process with Takeda will commence and that the information I provide in my application will be processed in line with Takedas and . I further attest that all information I submit in my employment application is true to the best of my knowledge.

ACCOUNTABILITIES :
xc2xb7 Responsible for conducting static code analysis, threat modelling, and creating/managing the developer training program
xc2xb7 Lead in the development and execution of the secure software development strategy for the
enterprise, including policies, standards, and governance
xc2xb7 Implements automation to integrate Application Security into various applications across the
enterprise
xc2xb7 Provides input and guidance on the various DevOps security tools/processes for threat modelling, code repository security, container security, dynamic application security testing, secrets management, penetration testing, and cloud infrastructure security
xc2xb7 Assists in the development of a communications program for application threats and external and internal security events
xc2xb7 Improves and expands application security risk posture and processes across the enterprise
xc2xb7 Creates and supports metrics that report application risk posture and progress over time
xc2xb7 Manages continuous release planning and execution, and integrates with security design and engineering work across multiple groups and technical constituencies
EDUCATION, BEHAVIOURAL COMPETENCIES AND SKILLS:
xc2xb7 Bachelors degree in related field (Business, Information Services, IT, Information Security,
etc.)
xc2xb7 At least 3 years of experience with Application Security, including familiarity with the leading
toolsets supporting Application Security (dynamic and static)
xc2xb7 At least 1 year of experience with product design, delivery, ownership, and threat modelling
xc2xb7 Experience in enabling organizations with DevSecOps
xc2xb7 Strong experience with establishing and executing application security strategy
xc2xb7 Experience in static code analysis and third-party software composition analysis
xc2xb7 Experience in establishing and rolling out Threat Modelling enterprise-wide that can be consumed by developers and engineers
xc2xb7 Strong problem-solving and program execution skills; Ability to prioritize and drive difficult decisions among heads of development teams
xc2xb7 Ability to solve very complex security issues that span legal, compliance, and regulatory obligations across various lines of business and shared service areas of the company
xc2xb7 Knowledge of common information security management frameworks, including but not limited to: ISO 27001/27002, ITIL, COBIT, and NIST
xc2xb7 Ability to provide ongoing metrics and reporting
xc2xb7 Ability to communicate ideas and data both verbally and written in a persuasive and appropriate manner
Desired:
xc2xb7 In-depth pharmaceutical industry and drug development experience
xc2xb7 Experience with validated systems
xc2xb7 Information security certification (CISSP, CISM, GIAC, CEH)
Locations IND - Bengaluru
Worker Type Employee
Worker Sub-Type Regular
Time Type Full time